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1:  Personal  Computer 

1.1  Anti-virus 

Viruses  are  the  bane  of  many  a  PC  user's  existence.  They  can 
attack  you  through  mahcious  web  sites,  corrupt  important 
system  files  and  even  erase  important  data.  However,  you 
can  keep  yourself  safe  with  anti-virus  software.  Anti-virus 
software  comes  in  several  types  of  packages  —  best  of  all, 
some  of  the  most  effective  anti-virus  tools  are  freeware.  Virus 
detection  can  also  be  achieved  through  online  checks.  It  is 
imperative  to  understand  their  necessity,  especially  since 
they  can  slow  down  system  performance  and  prompt  the 
user  with  unfamiliar  commands. 
Normally,  anti-virus  software  has 
three  modes  of  detection: 
1.  Signature  based  detection  — 
The  most  common  method.  It 
matches  the  contents  of  any 
infected  files  against  a  data 
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base  of  virus  signatures  that  avg  Free  is  one  of  the  most 

are  updated  on  a  regular  basis.        reliable  anti  viruses  around 

This  mode  even  examines 
files  m  pieces  to  detect  the 

infected  areas.  However,  constant  updating  of  virus  database 
definitions  is  essential. 

2.  Malicious  activity  detection  -  Monitors  your  system  for 
suspicious  behaviour.  In  case  any  suspicious  activity  is 
detected,  the  system  initiates  signature  based  detection.  This 
is  useful  for  catching  unknown  viruses  that  may  not  be  listed 
in  the  database. 

3.  Heuristic  based  detection  -  The  most  system  taxing  mode 
of  detection  but  the  most  effective  for  detecting  unknown 
viruses.  This  is  done  through  two  methods:  File  analysis 
and  file  emulation.  In  file  analysis,  virus-like  instructions 
that  may  be  embedded  m  different  programs  rather  than 
suspicious  behaviour  is  investigated.  If  a  program  has 
instructions  to  format  the  C  drive,  for  example,  the  anti-virus 
examines  this  program  more  closely.  File  emulation  involves 
executing  a  program  in  a  virtual  environment  and  logging 
the  actions  that  occur,  according  to  which  the  anti-virus  takes 
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appropriate  disinfection  measures.  As  stated  however,  both 
methods  of  this  detection  requires  large  amount  of  system 
resources. 

One  of  the  most  reliable  anti-virus  solutions  available 
is  AVG  Free.  It's  divided  into  three  sections:  Overview, 
Computer  Scanner  and  Update  Now.  Overview  provides  info 
on  the  version  running,  last  scan  performed  and  the  last 
definitions  update.  It  also  showcases  all  the  option  available 
like  Link  Scanner,  E-mail  Scanner,  etc.  and  easily  indicates 
whether  they  are  up-to  date  (green)  or  outdated  (red)  along 
with  their  active  status.  If  outdated,  clicking  on  an  option 
provides  solutions. 

Computer  Scanner  allows  you  to  edit  scan  settings  for  the 
entire  computer  or  specific  folders  and  files.  Scan  settings 
let  you  determine  scan  access  priority  (fast,  automatic  or 
slow),  the  use  of  heuristics,  automatically  healing/removing 
infections  and  more.  Scans  can  be  also  scheduled  to  run  at 
specific  times,  on  start-up  or  even  after  every  few  hours. 

The  Update  Now  section  is  the  most  straightforward 
tab.  It  automatically  connects  online  to  fetch  the  latest  virus 
database  definitions  for  detecting  matching  virus  signatures. 

For  more  options,  click  on  Tools  >  Advanced 
settings.  You  can  schedule  scans  for  different  components 
on  the  basis  of  frequency,  time  of  day  and  what  not.  You  can 
also  determine  update  priorities,  proxy  settings,  types  of  file 
extensions  to  be  detected  by  the  Resident  Shield,  etc. 

On  short  notice  at  any  time,  free  anti-virus  scans  are  also 
available  online  through  several  reliable  sites  such  as: 

•  http://www.kaspersl<v.com/virusscanner 

•  http://securitv.svmantec.com 

•  http://us.mcafee.com/root/mfs/scan. asp?affid=56 

•  http://www.bltdefender.com/scan8 

•  http://onecare.live.com/slte/en-us/default.htm 

•  http://ca.com/securitvadvisor/virusinfo/scan.aspx 

•  http://www.ewido.net/en/onlinescan 

•  http://www.pandasecuritv.com/homeusers/solutions/activescan 

Some  essential  tips  to  preventing  virus  infections:  Always 
scan  external  media.  Schedule  daily  scans  and  updates  (at 
the  minimum).  Never  ever  execute  files  from  unknown  email 
senders  or  follow  unfamiliar  links. 
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1.2  Anti-spyware 

Judging  from  its  name,  yott'd  assume  spyware  was  simply 
malware  that  monitors  your  PC  activities.  Spyware  indeed 
collects  personal  mformation  regarding  what  sites  you  visit 
and  for  how  long.  However,  it  can  also  wrest  control  from  the 
user.  It  redirects  one's  browser  activity  and  even  permits  the 
installation  of  additional  software  without  one's  consent  or 
knowledge.  Spyware  doesn't  infect  neighbouring  computers; 
It  attacks  by  exploitmg  software  loopholes.  Some  of  its  other 
more  damagmg  effects  include: 

Higher  CPU  utilisation 
Unwanted  disk  usage 
System  crashes 
Software  freezing 
Start-up  failures 
Lower  connection  speeds 

Spyware  has  several  routes  of  infection.  A  common 
method  is  by  "piggy-backing"  on  software  downloads  (such 
as  Kazaa  and  Limewire).  It  can  also  come  bundled  with 
shareware.  Keep  m  mind  that  the  download  itself  is  still 
safe,  once  the  software  is  installed  the  spyware  will  be  as 
well.  Spyware  authors  often  repackage  popular  freeware  with 
installers  for  spyware. 

Browsers  such  as  Internet  Explorer  prevent  any 
downloads  from  taking  place  without  the  user's  permission. 
Through  security  holes  in  the  web  browser,  certain  web  pages 
can  override  this  and  install  spyware  on  the  user's  PC.  This 
has  come  to  be  known  as  "drive-by  download"  since  the  user 
is  helpless  during  the  attack.  It  should  be  noted  that  later 
versions  of  IE  have  amended  these  loopholes. 

Certain  freeware  "anti-spyware"  programs  can  also 
contain  spyware.  There  are  currently  over  300  listed 
applications.  Such  programs  are  classified  as  "rogue"  anti- 
spyware  programs.  Examples  of  such  malicious  programs 
are  Spy  Wiper,  WorldAntiSpy,  Spylocked  and  Antivirus  Gold. 
Many  web  pages  associated  with  Adware  Report,  e-Spyware, 
NonToxic-Internet  and  others  also  come  under  rogue/suspect 
anti-spyware  sites. 


EM  FAST  TRACK 


Finally,  spyware  can  be  delivered  via  viruses  and  worms 
as  payload.  For  example,  the  Spybot  worm  causes  several 
pornographic  pop-ups  to  appear  on  the  user's  screen.  This 
directs  traffic  and  channels  funds  to  the  spyware  authors. 

The  most  common  effect  of  spyware  is  the  incidence 
of  pop  up  ads.  These  are  advertisements  that  appear 
in  a  separate  window  of  the  browser  without  the  active 
consent  of  the  user.  They  are  the  result  of  the  spyware 
gathering  mfo  on  the  user.  This  feedback  results  m  ads 
specifically  targetted  at  the  user  depending  on  the  sites 
browsed.  Rootkits  are  newer  and  more  powerful  types  of 
spyware.  They  can  hide  inside  system  critical  processes 
such  as  Safe  Mode,  and  are  harder  to  detect  since  they 
leave  no  on-disk  signatures.  Newer  spyware  programs 
have  countermeasures  against  anti-malware  programs, 
such  as  preventing  installation/execution  of  the  same  and 
even  uninstallmg  them.  Gromozon  is  one  such  malware 
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Use  Spybot  S&D  to  kill  all  that  bad,  bad  spyware 


that  uses  alternate  data  streams  to  hide.  Coupled  with  a 
rootkit,  it  can  escape  alternate  data  stream  scanners  and 
prevent  rootkit  scanners  from  running. 

Spyware  can  best  be  defmed  as  junk  that  weighs  down  the 
PC.  If  accumulated  for  a  long  time,  eventually  the  computer  has 
to  be  formatted  and  software  reinstalled  to  regam  its  former 
speeds.  A  strong  anti-spyware  solution  should  be  in  place 
and  regular  scans  conducted  to  eliminate  spyware  before  it 
accumulates.  Spybot:  Search  and  Destroy  is  one  of  the  most 
popular  and  effective  anti-spyware  programs  available.  It  detects 
keyloggers,  rootkits,  trackmg  cookies,  ActiveX  objects,  homepage 
hijackers  and  even  some  trojans.  It  can  also  create  a  back-up 
registry  to  repair  damaged  files  and  restore  them  to  their  state 
prior  to  infection.  Spybot's  "Immunize"  blocks  the  installation 
of  the  spyware  before  it  happens  by  modifying  its  host  file  and 
a  file  shredder  for  secure  deletion  of  files.  The  TeaTimer  module 
provides  active,  real-time  protection  and  alerts  the  user  to  any 
dangerous  registry  changes. 

Spybot:  S&D  is  commercially  free,  and  its  weekly 
updates  add  new  features  to  keep  pace  with  the  latest 
threats  while  improving  previous  heuristic  algorithms. 
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1.3  Firewalls 

The  internet  is  a  gateway  to  sending  and  receiving  limitless 
information.  Like  most  gates,  it  has  its  share  of  intruders. 
And  hence  we  have  the  gatekeepers  —  firewalls. 

A  firewall  is  part  of  a  computer  system  or  network 
designed  to  prevent  unauthorised  access  while  allowing 
verified  and  safe  communications.  It  usually  consists  of 
a  device  or  set  of  devices.  It  can  also  be  implemented  via 
hardware  or  software,  or  often  a  combination  of  both. 
Firewalls  are  most  commonly  used  to  prevent  unauthorised 
internet  users  from  accessing  private  networks,  especially 
intranets.  Each  firewall  has  a  different  kind  of  authorisation 
criteria.  Information  entering  or  leaving  the  network  through 
firewall  that  doesn't  meet  this  standard  is  blocked. 

Firewall  techniques  consist  of  four  main  types: 

1.  Packet  filter:  Packets  are  the  most  basic  unit  of  data 
transfer  between  computers  and  networks.  A  packet 
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filter  uses  a  set  of  user  defined  rules  for  identifying  the 
source,  destination  address,  protocol  and  port  number. 
If  a  particular  packet  matches  the  rules,  the  filter  either 
discards  it  or  rejects  it  (also  drops  the  packet,  but  sends 
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an  error  response  to  the  source).  Fairly  effective  and 
transparent,  paclcet  filters  are  nonetheless  tough  to 
configure.  They're  also  susceptible  to  IP  spoofing  wherein 
packets  with  forged  IP  addresses  are  created  to  either 
impersonate  an  "accepted"  source  or  conceal  the  identity 
of  the  sender. 

2.  Application  gateway:  Also  referred  to  as  application 
proxies,  they  are  located  between  the  end  user  and 
network.  The  end  user  directly  contacts  the  gateway,  after 
which  it  performs  requested  function  for  the  user.  Specific 
programs  use  specific  mechanisms.  It  is  however  not 
transparent  to  users,  who  must  install  custom  applications 
to  contact  the  gateways.  This  type  is  simple,  since  it 

only  functions  to  proxy  requests  from  end  users.  It  also 
intercepts  IP  packets  from  the  net.  However,  it  causes 
strain  on  system  performance. 

3.  Stateful  firewall:  It  keeps  track  of  the  network  connections 
moving  across  it  (TCP  streams,  for  example).  It 
distinguishes  legitimate  packets  for  different  connections 
and  only  allows  packets  matching  a  specific  connection 
state.  All  others  will  be  rejected.  Sessions  without  traffic 
for  a  specific  period  will  eventually  time  out  to  prevent  the 
table  from  being  filled.  Stateful  firewalls  are  advantageous 
as  opposed  to  packet  filters  since  it  need  only  check  the 
connection  against  its  table  rather  than  an  extensive  rule- 
set. 

4.  Proxy  server:  "Proxy"  meaning  "substitute".  One  of  the 
more  popular  types,  proxy  servers  act  as  go-betweens 
for  outside  clients  seeking  information  from  servers.  The 
request  is  filed  and  checked  according  to  various  filtering 
rules  hence  filtering  traffic  from  certain  IP  addresses. 
Direct  access  to  the  server  is  subsequently  handled 

by  the  proxy  on  behalf  of  the  client.  It  may  speed  up 
resource  management  by  caching  and  delivering  responses 
according  to  specific  requests.  The  servers  are  hence  kept 
anonymous  and  safe  from  attack. 
An  easy-to-use  and  powerful  firewall  can  be  found  m 
ZoneAlarm,  the  newest  release  being  ZoneAlarm  Security 
Suite  2009.  Besides  an  inbound  intrusion  detection  system. 
It  can  also  control  which  programs  can  make  outbound 
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ZoneAlarm  firewall  can  keep  you  safe  In  the  ways  shown  above 


connections.  ZoneAlarm  does  this  by  dividrng  access  into  two 
"zones".  There's  the  trusted  zone,  which  includes  computers 
and  devices  such  as  printers  connected  by  LAN.  Then 
there's  the  "internet  zone".  The  user  must  manually  specify 
permissions  to  give  to  a  program  before  it  tries  to  access  the 
internet.  ZoneAlarm  may  also  prompt  the  user  for  permission 
the  first  time  the  program  attempts  net  access. 

A  freeware  version  is  available,  but  there's  plenty  of 
incentive  to  purchase  the  full  versions.  These  are  the 
OSFirewall  and  SmartDefense  Advisor  features.  OSFirewall 
is  present  m  all  paid  versions  and  monitors  programs  for 
suspicious  behaviour.  SmartDefense  is  only  featured  in 
the  premium  versions.  It  uses  a  large  database  of  reliable 
program  signatures  to  guide  users  with  respect  to  allowing 
or  denying  program  access  to  the  internet.  Different  versions 
of  ZoneAlarm  also  provide  protection  against  viruses  and 
spyware. 
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1.4  Backing  up  important  data 

what  do  you  do  in  the  event  you  lose  aU  your  data  despite 
taking  all  precautionary  measures.  How  about  if  a  fire  or 
storm  destroys  your  computer  physically?  There's  also 
always  the  risk  of  data  theft.  With  information  becoming 
more  valuable,  backing  up  important  data  has  become  vital 
(according  to  a  Global  Backup  Survey,  66  per  cent  of  internet 
users  have  suffered  from  serious  data  loss). 

Backup  involves  making  copies  of  the  original  data  for 
primarily  two  situations:  Firstly  to  restore  a  state  following 
a  disaster.  The  second  is  to  restore  a  small  number  of  files 
either  accidentally  deleted  or  corrupted  -  this  utilises  lesser 
storage  space  and  keeps  efficient  track  of  changes  in  the  data. 

There  are  several  means  by  which  one  may  back  up  data. 
Storage  media  such  as  external  hard  disk  drives,  solid  state 
storage  (which  includes  USB  flash  drives,  thumb  drives,  etc) 
and  optical  discs  are  usually  employed.  The  last  is  especially 
a  popular  option,  especially  thanks  to  the  advent  of  Blu- 
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Nero  9  lias  some  nice  backup  options  for  those  who  want  to  backup  to 
optical  media 
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WinRAR  will  hielp  you  save  space  when  backing  up,  and  will  also  let  you 
protect  your  backed  up  data  with  a  password 


ray  discs  that  can  hold  up  to  50  GB  of  data.  For  writing 
information  to  discs,  the  best  software  is  Nero.  It  supports  all 
CDs,  single-  and  dual-layer  DVDs  and  now  Blu-ray  discs.  Nero 
also  helpfully  indicates  how  much  space  the  selected  files  are 
occupying,  especially  when  it  goes  over  the  writable  limit. 
Nero  also  support  multi-session  discs  for  when  files  are  to  be 
added  later.  Nero  Burning  Rom  9.4.13.2  is  the  latest  release 
and  the  commercial  trial  can  be  easily  located  online. 

When  dealing  with  large  amounts  of  data,  it  becomes 
important  to  compress  it.  This  facilitates  faster  storage  and 
copying  speeds,  along  with  fully  maximizing  any  available 
space.  Compression  is  commonly  carried  out  using  WinRAR, 
wherein  the  data  is  stored  withm  archives.  Most  people 
would  use  WmZip  but  WinRAR  supports  a  wider  range  of 
formats,  including  ZIP  files.  WinRAR  is  especially  versatile 
in  deciding  the  compression  methods,  splitting  the  mfo  into 
separate  archives  of  specified  sizes  (helpfully  classified  into 
different  categories  like  DVD5,  DVD9,  CD,  etc)  and  password 
protecting  archives.  It  can  consistently  produce  smaller 
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archives  than  its  nearest  competition,  and  supports  files/ 
archives  of  up  to  8589  billion  GB  in  size. 

Remember  the  following  points:  The  more  important  the 
data,  the  greater  the  need  for  a  backup  solution. 

Chalk  out  a  proper  restore  strategy,  since  restoring  data 
through  backup  can  be  as  taxing  as  storage.  In  this  case, 
automated  backup  and  scheduling  should  be  considered. 
Like  regular  virus  scans,  it's  easy  to  forget  backing  up  data  or 
leaving  it  for  another  day. 

Do  not  store  the  backup  close  to  the  original  data.  Fires, 
rain  and  electrical  surges  would  likely  damage  both  at  the 
same  time.  Try  storing  the  backups  m  an  off-site  location. 

Even  if  secured  properly,  backups  are  not  infallible. 
Verification  or  monitoring  strategies  are  important  for 
keeping  track  of  the  backup's  lifeline. 

Store  backed  up  archives  in  open/standard  formats.  This 
helps  with  recovery  in  the  future  when  the  software  used  to 
make  the  backup  is  obsolete.  This  allows  different  software  to 
be  used. 

1.5  Hiding  files  and  folders 

A  hidden  file  or  folder  is  one  that  can't  normally  be  seen. 
This  is  usually  applied  to  sensitive  data  such  as  system  files 
and  user  preferences  to  prevent  any  edits  or  changes.  It 
also  helps  when  you  want  to  conceal  any  information  from 
prying  eyes.  While  there  are  many  applications  that  claim  to 


Hiding  files  in  Windows 


EM  FAST  TRACK 


PERSONAL  COMPUTER 


www.thinkdigit.com 


securely  hide  folders,  some 
cause  problems  within 
the  operating  system.  For 
example,  in  case  of  a  system 
crash,  will  the  hidden 
folders  be  backed  up  by  the 
folder  hiding  application? 

Windows  offers  a 
very  simple  method  for 
hiding  folders.  Simply 
right-click  on  a  folder, 
select  Properties,  select  the 
Hidden  box  in  Attributes 
and  click  OK.  The  option 
to  hide  all  subsequent 
sub-folders  and 
contained  files  will  also 
be  presented.  Your  folder  will  now  be  hidden  from  public 
viewing.  You  can  disable  the  Hidden  attribute  by  deselecting 
the  box.  The  folder  thus  reverts  back  to  its  visible  status. 

This  is  very  weak  protection  since  the  "protected" 
folders  are  still  easily  viewable.  To  view  any  hidden  folders 
(including  any  system  folders),  simply  go  to  the  Windows 
Explorer  menu.  Select  Tools  >  Folder  Options  and  go 
to  View.  Click  on  Show  Hidden  Folders  and  Files  and  then 
Apply  To  All  Folders.  This  will  make  all  hidden  files  visible. 
It  should  also  be  noted  that  Windows  allows  you  to  navigate 
to  hidden  folders.  Simply  type  the  name  of  the  folder  in  the 
address  bar  after  the  name  of  the  drive  and  voila. 

If  they're  so  easy  to  uncover,  why  hide  a  folder  when  you 
can  just  encrypt  it?  Simple:  You  can't  want  what  you  can't 
see.  It  should  never  become  an  either/or  choice  because  you 
can  never  be  too  careful.  However,  a  hidden  folder  lays  in 
ambiguity.  As  long  as  someone  doesn't  know  about  it,  they 
won't  bother  looking  for  it.  However,  a  password  protected 
folder  that  is  visible  screams  "important  data"  and  will  tempt 
people  to  take  a  crack  at  it.  The  best  solution  is  to  encrypt 
and  then  hide  important  folders  for  double  security.  Simply 
don't  forget  the  password  and  you  should  be  fine. 

On  a  side-note,  malware  often  uses  the  hidden  folder 
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options  to  escape  detection.  Keep  this  m  mind  when  running 
virus  scans  and  having  the  choice  to  scan  hidden  folders  as  well. 


are  usually  only  removed  from  the  system  directory  or  ^ 
shifted  to  a  holding  area  for  safe  keeping  (even  if  said  area 
hasn't  been  specified  in  advance  by  the  user).  One  biggest  J 
causes  of  data  loss  is  logical  damage.  It  is  primarily  caused 
by  power  outages  that  prevent  files  from  being  completely  j 
written  to  the  storage  medium.  Problems  with  hardware  e 
like  RAID  controllers  and  system  crashes  usually  cause  the  C 
same  but  the  result  is  the  same.  The  file  system  is  left  in  U 
an  inconsistent  state.  This  can  lead  to  more  problems  such  " 
as  drives  reporting  negative  amounts  of  free  space,  system  ^ 
crashes  and  actual  lost  data.  Y 

Logical  damage  can  be  prevented  through  the  use  of 
journaling  file  systems  like  NTFS  5.0.  It  decreases  the 
incidence  of  logical  damage  by  rolling  back  to  a  consistent 
state.  Only  the  data  present  in  the  drive's  cache  at  the  time 
of  system  failure  will  be  lost.  That  being  said,  two  common 
techniques  for  recovering  data  from  logical  damage  include: 

1.  Consistency  checking  -  Scans  the  logical  structure  of  the 
disk  and  makes  sure  it  is  consistent  with  its  specifications. 
A  file  repair  system  repair  program  reads  each  directory 
and  makes  sure  these  entries  exist  and  point  to  the  correct 
directories. 

2.  Data  carving  -  Allows  for  data  with  no  file  system 
allocation  to  be  extracted  by  identifying  sectors  and  clusters 
belonging  to  the  file.  Usually  searches  through  raw  sectors 
looking  for  specific  file  signatures. 

It  should  be  mentioned  that  data  recovery  cannot  be  done 
on  a  running  system.  A  boot  disk,  Live  USB,  etc.  containing  a 
minimal  operating  system  and  a  set  of  repair  tools  is  usually 
required.  One  of  these  is  Nero  BackltUp  Image  Tool  which 
restores  the  image  created  by  the  application  to  roll  back  the 
system  to  a  consistent  state.  A  good  consistency  checker  is 
Checkdisk  (CHKDSK,  for  short).  It  runs  on  DOS,  OS/2  and 


1.6  Recover  lost  data 

when  you  delete  files,  they're  never  permanently  deleted. 
Even  if  you  mistakenly  delete  a  file,  it  still  exists  on  the 
hard  disk.  This  is  termed  as  data  remanence.  The  file  names 
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Windows  OS  systems,  displaying  file  system  integrity  status 
of  disk  drives.  It  can  fix  logical  file  system  errors  and  can 
also  check  the  disk  surface  for  physical  errors  or  bad  sectors. 
CHKDSK  can  be  run  from  the  Windows  Shell,  the  Windows 
Command  Prompt  or  the  Windows  Recovery  Console. 

Some  general  tips  for  recovering  data:  Don't  delete  files 
instantly.  Move  them  to  a  temporary  location  such  as  the 
recycle  bin  before  deciding  whether  you  need  them  or  not. 

Mark  important  files  as  read-only.  The  OS  will  then  warn 
you  if  you  try  to  delete  the  file.  Under  systems  that  allow 
file  system  permissions,  users  can  often  only  delete  their 
own  files.  This  prevents  the  erasure  of  critical  system  files  or 
other's  work. 

1.7  Securely  delete  data 

The  reasons  for  deleting  files  are  many:  Freeing  disk  space, 
removing  unnecessary  or  unneeded  data,  even  making 
sensitive  data  unavailable  to  others.  However,  securely 
deleting  data  involves  more  than  simply  emptying  the  Recycle 
Bin.  Basic  file  deletion  methods  only  remove  he  direct 
pointers  to  data  disk  centres.  A  residual  form  of  the  data, 
called  data  remanence,  still  persists.  Thus,  any  one  with  data 
recovery  tools  can  still  unearth  the  data  once  more.  Physical 
destruction  may  seem  like  the  only  way  but  thankfully,  there 
exist  many  data  erasure  methods  that  remove  information 
permanently  while  still  keeping  the  disk  operable. 

Software-based  overwriting  is  one  such  method.  It  writes 
patterns  of  meaningless  data  onto  each  of  a  hard  drive's 
sectors.  It  differs  from  pure  data  erasure  in  that  some  data 
will  still  be  intact  and  at  risk  of  data  breach  or  information 
theft.  Nonetheless,  data  erasure  employs  multiple  overwrites 
according  to  different  overwriting  standards.  There  are 
usually  three  types  of  data  erasure  that  differ  depending  on 
the  number  of  overwrites: 

1.  Fast  erasure  -  Consists  of  one  round  of  data  deletion  and 
the  filling  of  space  with  random  data. 

2.  Forced  erasure  -  A  US  Department  of  Defense  standard 
of  file  erasure.  Unlike  quick  erase,  data  is  overwritten  with 
useless  info  3  to  7  rounds  in  a  row.  Also  referred  to  as  the 
DoD  5220. 22M  Standard. 
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Using  Nero  BackltUp  to  back  up  files 


3.  Ultimate  erasure  -  The  erased  file  goes  through  35  rounds 
of  overwriting,  first  with  a  lead-in  four  random  write  patterns, 
5-31  patterns  executed  m  random  order  and  a  lead-out  of 
four  more  random  patterns.  This  method  is  also  referred  to 
Gutmann  Algorithm. 

The  data  overwriting  the  existing  data  consists  of  little 
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more  than  random  numbers  or  a  series  of  zeroes  and  ones  bit 
patterns. 

Freeraser:  Free  Shredder  is  a  Windows  file  shredding  utility 
that  wipes  files  m  all  three  of  the  above  methods  and  is  good  for 
basic  use.  It  even  places  a  fancy  recycle  bin  icon  that  prompts  a 
warning  message  any  time  you  drag  any  data  to  it.  Eraser  Secure 
Data  Removal  Tool  goes  even  further  by  can  also  erase  space 
allocated  to  the  file  by  the  OS  (called  file  slack  space),  Windows 
virtual  memory  swap  files,  unused  space  on  a  hard  disk  or  an 
entire  hard  disk  and  also  erasing  filenames  from  the  directories. 
It  can  wipe  any  amount  of  data  specified  and  even  supports  the 
three  above  erasure  methods.  It's  also  open  source  and  works 
perfectly  with  Windows. 

Let's  say  you  want  to  completely  wipe  your  hard  disk, 
when  giving  away  your  computer  to  someone  for  example. 
No  other  software  is  best  suited  for  bulk  emergency 
destruction  than  Darik's  Boot  and  Nuke,  referred  to  as  DBAN 
for  short.  It  comes  in  the  form  of  bootable  CDROM  image 
and  once  loaded  proceeds  to  completely  destroy  data  in  every 
partition  and  hard  disk. 
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A  PC  can  have  more  than  one  user.  For  more  than  one  user, 
especially  with  children,  it's  always  good  to  keep  more 
than  one  ttser  profile.  However,  it's  important  to  specify 
which  files  a  user  can  be  allowed  to  access  and  manipulate. 
Windows  usually  keeps  most  important  system  files  hidden 
but  they  can  still  be  modified.  Hence,  controlling  accessibility 
becomes  a  major  part  of  computer  security  especially  when 
your  computer  is  cracked. 

To  modulate  accessibility,  first  go  to  the  Control  Panel 
>User  Accounts  and  make  sure  more  than  one  account  is 
active  (preferably  one  with  administrator  access  and  one 
"guest"  account).  Then  right-click  on  the  My  Computer  icon, 
select  Properties  and  go  to  the  Advanced  tab.  Options  for 
Performance,  User  Profiles  and  Start-up  &  Recovery  will 
be  available.  Select  User  Profiles  and  depending  on  your 
accounts  set,  you  can  specify  which  drives  different  users  will 
access.  You  can  also  set  up  groups  to  decide  who  can  access 
which  drives  and  documents. 

Creating  a  Limited  access  account,  with  no  access  to  the 
important  system  files  has  its  advantage  on  open  networks 
and  wi-fi  connections.  Sharing  networks  over  a  wi-fi  easily 
allows  another  user  to  access  one's  files  and  hard  drives  for 
malicious  purposes.  Viruses  and  spyware  present  on  the 
main  server  system  will  also  infect  other  computers  in  the 
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network.  You  should  have  an  anti-virus,  anti-spyware  and 
firewall  installed  on  the  system.  But  locking  out  access  to  the 
vital  system  files  will  eliminate  the  extra  1%  of  intrusions 
that  make  it  through. 
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2.1  Spam  filters 

Spam  is  a  growing  problem  for  email  users,  and  many  solutions 
have  been  proposed,  from  a  postage  fee  for  email  to  Turing  tests 
to  simply  not  acceptmg  email  from  people  you  don't  know. 
Spam  filtering  is  one  way  to  reduce  the  impact  of  the  problem 
on  the  individual  user  (though  it  does  nothing  to  reduce  the 
effect  of  the  network  traffic  generated  by  spam).  In  its  simplest 
form,  a  spam  filter  is  a  mechanism  for  classifying  a  message  as 
either  spam  or  not  spam. 

There  are  many  techniques  for  classifying  a  message.  It 
can  be  examined  for  "spam-markers"  such  as  common  spam 
subjects,  known  spammer  addresses,  known  mail  forwarding 
machines,  or  simply  common  spam  phrases.  The  header  and/ or 
the  body  can  be  examined  for  these  markers.  Another  method 
is  to  classify  all  messages  not  from  known  addresses  as  spam. 
Another  is  to  compare  with  messages  that  others  have  received, 
and  find  common  spam  messages. 

A  popular  spam  filter  is  SpamAssassin.  It's  an  extensible 
email  filter  that  is  used  to  identify  spam.  Once  identified,  you 
can  optionally  tag  it  as  spam  for  later  filtering.  It  also  provides 
a  command  line  tool  to  perform  filtering,  a  client-server  system 
for  larger  volumes  and  Mail:: SpamAssassin,  a  set  of  Perl  modules 
allowing  SpamAssassin  to  be  used  in  a  wide  variety  of  email 
system.  It's  also  become  much  easier  to  blacklist  and  whitelist 
messages  than  before.  SpamAssassin  also  comes  equipped  with 
Bayesian  filters  that  can  identify  spam  and  non-spam  (called 
"ham")  based  on  certain  keywords  or  "tokens"  that  appear 
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Bayeslan  filters  get  more  effective  with  each  spam  mall  Identified 


frequently  in  spam  messages.  The  more  spam  (and  ham)  you 
filter,  the  better  it  gets  at  detecting  spam. 

If  you  can't  use  a  filter,  what  then?  The  most  common 
solution  is  to  have  multiple  email  addresses.  One  approach 
is  to  select  one  to  be  your  "private"  guarded  email  address 
-  much  like  an  unlisted  phone  number  -  that  you  never  use  in 
situations  where  the  email  address  would  be  harvested  for  spam 
mailing  lists.  The  other  approach  is  to  generate  "throw-away" 
email  addresses  that  you  use  only  for  a  limited  time  (say  when 
registering  a  product),  and  can  safely  ignore  thereafter.  And  of 
course  both  approaches  can  be  used  at  the  same  time. 

2.2  Identifying  lioaxes 

A  hoax  can  best  be  defined  as  a  deliberate  attempt  to  trick 
people  into  believing  or  something  to  be  real.  Internet  hoaxes 
are  no  different.  If  you've  received  any  mails  claiming  that  you've 
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Think  twice  before  clicking  on  inviting  links 

won  millions  in  some  random  foreign  lottery  (with  the  key  to 
receiving  these  millions  being  to  pay  some  money  up  front), 
you'll  know  what  we  mean.  The  perpetrators  behind  these 
messages  want  nothing  more  than  for  you  to  mail  them  your 
credit  card/bank  account  numbers. 

The  best  way  to  spot  hoaxes  is  a  good  dose  of  common 
sense.  As  the  saying  goes,  "If  it  sounds  too  good  to  be  true,  it 
usually  is".  The  Internet  Crime  Complaint  Center,  Federal  Trade 
Commission  and  Better  Business  Bureau  all  recommend  the 
following  tips  for  protecting  your  personal  info. 

Do  not  respond  to  the  scam  email,  click  on  links,  or 
open  attachments,  which  could  leave  your  computer  at  risk  for 
viruses. 

If  the  email  appears  to  have  come  from  a  company, 
check  their  web  site  to  see  if  they've  addressed  any  scams  using 
their  name,  and  contact  the  Better  Business  Bureau  to  find  out  if 
there  have  been  any  complaints  about  such  a  scam. 

In  case  you've  responded  to  what  you  believe  was  a  scam, 
then  make  sure  to  contact  your  bank  immediately  and  ask  what 
steps  you  should  take  to  protect  your  money.  You  should  also 
review  your  free  credit  report  to  monitor  your  active  accounts, 
mortgages,  and  other  financial  information.  Always  treat  email 
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Always  look  out  for  the  typical  style  In  scam  emails 

solicitations  with  skepticism,  since  there's  no  way  to  avoid 
receiving  these  mails.  If  you  didn't  remember  signing  up  for  a 
service  or  contest,  then  you  probably  didn't.  Reputable  financial 
institutions  never  prompt  you  for  account  information  via  email, 
but  if  you're  unsure  about  whether  you  need  to  provide  extra 
info  to  a  company  you  deal  with,  always  contact  them  directly. 

Another  kind  of  hoax  is  the  infamous  chain  letter.  These  try 
to  persuade  the  recipient  to  forward  the  letter  to  as  many  people 
as  possible  by  using  emotional  stories  or  get-rich-quick  schemes. 
There's  also  the  threat  of  physical  violence  or  bad  luck  if  one 
attempts  to  break  the  chain.  U  can  often  become  difficult  to  tell 
the  difference  between  chain  letters  and  real  correspondence, 
since  it's  not  uncommon  for  people  to  treat  it  like  a  game.  Chain 
letters  are  widely  popular  on  sites  such  as  Orkut  and  Youtube, 
with  some  comments  prompting  the  user  to  copy  and  paste  a 
link  to  get  secret  information.  Naturally,  you  should  never  follow 
such  links  nor  open  any  attachments  that  come  with  chain 
letters  since  they  can  contain  trojans. 

2.3  Identifying  scams 

Hoaxes  attempt  to  fool  people  into  dropping  some  cash.  Scams 
can  be  a  lot  more  dangerous,  since  they  attempt  to  obtain  all 
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Be  cautious,  especially  during  online  financial  transactions  ^ 

E 

types  of  sensitive  info.  Be  it  passwords,  usernames  or  credit  card  C 
detaifs,  scams  can  be  very  liard  to  identify  at  times.  Tfiey  can  be  ^ 
in  the  form  of  messages  from  popufar  social  web  site,  auction  " 
sites,  IT  admins  and  even  job  seeking  sites.  It's  typically  carried  ^ 
out  by  email  and  instant  messaging,  though  scams  are  also  y 
possible  through  phone  calls.  Users  are  prompted  to  enter  info 
that  often  looks  and  works  exactly  like  the  legitimate  one,  even 
under  severe  scrutiny  via  server  authentication. 

Since  scams  go  the  extra  mile  to  get  info  from  their  users, 
they  require  more  than  just  a  little  common  sense  to  deal  with. 

-  Even  if  the  mails  look  like  they're  from  familiar  people, 
they  could  be  from  scammers  and  contain  programs  that 
will  steal  your  personal  information. 

-  Watch  out  for  "phishy"  emails.  The  most  common  form 
of  scamming  are  emails  pretending  to  be  from  a  legitimate 
retailer,  bank,  organization,  or  government  agency.  The 
sender  asks  to  "confirm"  your  personal  information  for 
some  made-up  reason:  your  account  is  about  to  be  closed, 
an  order  for  something  has  been  placed  in  your  name, 

or  your  information  has  been  lost  because  of  a  computer 
problem. 

-  Don't  click  on  links  within  emails  that  ask  for  your 
personal  information.  Fraudsters  use  these  links  to  lure 
people  to  phony  web  sites  that  looks  just  like  the  real 
sites  of  the  company,  organization,  or  agency  they're 
impersonating.  Always  verify  the  web  site  from  the 
company  or  agency,  call  it  directly  or  go  to  its  web  site  via 
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Most  browsers  give  out  a  warning  wlien  suspicious  activities  are  detected 


search  engine. 

-  A  scammer  can  direct  you  to  a  real  company's  web  site, 
but  then  an  unauthorised  pop-up  screen  created  by  the 
scammer  will  appear,  with  blanks  in  which  to  provide  your 
personal  information.  Never  provide  information  in  these. 
Installing  pop-up  blocking  software  helps  prevent  this. 

-  A  spam  filter  can  help  reduce  the  number  of  scam  mails 
you  get.  Anti-virus  software  as  explained  earlier  can  scan 
for  malicious  files  and  report  any  suspicious  activity  taking 
place  on  your  PC.  Firewalls  will  prevent  unauthorised 
communications  from  entering  your  computer.  Look  for 
programs  that  offer  automatic  updates  and  take  advantage 
of  free  patches  that  manufacturers  offer  to  fix  newly 
discovered  problems. 

Most  browsers  these  days  maintain  a  list  of  known  scam 
sites  and  check  web  sites  against  the  list.  MoziUa  Firefox  2 
onwards  uses  Google's  anti-phishmg  software,  which  has  found 
be  more  effective  than  Internet  Explorer  7  onwards  in  detecting 
fraudulent  sites. 
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2.4  Protecting  your  profile  on  social 
networking  sites 

Social  networking  sites  are  the  hottest  places  to  meet  people 
online  nowadays.  Interest  groups,  blogs,  chatting,  hobbies, 
friends,  business  networking  -  these  sites  mimic  all  the  aspects 
of  real  life  socialising  but  online.  Just  like  real  life,  however, 
you're  open  to  attacks  and  theft  of  information  online.  When 
setting  up  a  profile  on  a  social  networking  site  like  Facebook  or 
Myspace,  it's  essential  to  determine  what  info  you  wish  to  post. 
Your  name,  age,  gender,  zip  code  and  email  address  are  usually 
required  to  create  an  account.  The  mfo  that  should  never  be 
shared  on  your  profile  include:  Address,  phone  number,  social 
security  number  and  credit  card  number. 

It's  not  just  about  the  info  you  share  but  who  you  want 
to  share  it  with.  When  you  first  join  a  social  networking  site, 
the  default  setting  is  to  allow  anyone  to  see  your  profile  and 
updates.  Sites  such  as  Facebook  go  even  further:  Your  activities 
will  not  only  be  shared  with  various  friends  and  groups,  but 
also  across  every  single  network  you've  ever  traversed.  You  can 
disable  these  settings  in  the  account  settings  and  uncheckmg 
"Allow  anyone  to  see  my  public  search  listing"  along  with 
restricting  your  email  IDs,  IM  names  and  other  details  to  people 
on  your  friends  list. 

It's  vital  to  understand  the  privacy  policy  of  some  of 
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Carefully  read  the  privacy  policy  of  the  web  sites  that  gather  your  personal 
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When  filling  your  profile,  make  sure  you  don't  let  anonymous  people 
have  access  to  your  personal  information 

these  social  networking  sites.  Is  the  poUcy  easy  to  read  and 
understand?  Will  they  share  or  sell  your  information?  How 
recently  was  it  updated?  Sites  like  Linkedin  state  plainly  that 
will  never  sell  your  info.  Facebook  and  Myspace  do  not  state 
they  won't  sell  your  info  so  it's  safe  to  assume  they're  reserving 
the  right  to  do  so. 

By  default,  everyone  can  find  your  profile  listing  in  a  public 
search.  This  includes  Facebook  and  Myspace,  along  with  the 
potential  to  find  people  across  MSN,  Google  and  Yahoo.  Make  sure 
you  go  through  the  Privacy  Settings  of  your  account  to  ascertain 
which  information  you'd  like  to  display  publicly.  Alternatively, 
you  can  set  your  profile  to  "No  Networks"  in  Facebook  which  will 
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disable  most  sharing  settings.  Selecting  the  "My  Friends  Only"  box 
in  Myspace  will  lock  out  strangers  from  viewing  your  profile. 

A  trick  used  to  gain  information  involves  some  one  creating 
a  new  account  with  your  friend's  name  and  a  few  general  details. 
Then  they  send  a  friend  request  to  you,  stating  they've  created  a 
new  account  (for  some  reason  or  another).  In  this  case,  confirm 
vnth  your  friend  personally  or  over  his  old  account  whether  the 
new  account  is  real  or  not. 

2.5  Using  secure  passwords 

Passwords  are  the  keys  to  access  personal  information 
stored  m  your  computer.  This  means  they  are  the  one 
barrier  between  your  data  being  safe  and  sound  to  having 
your  entire  system  compromised. 

The  strongest  passwords  are  those  that  are  the  longest. 
Most  passwords  should  at  least  be  8  characters  in  length  but 
those  with  14  or  more  characters  are  the  best.  Combine  letters, 
numbers  and  symbols  culled  from  the  entire  keyboard.  Your 
password  will  be  much  stronger  if  you  choose  from  all  symbols 
on  the  keyboard,  including  punctuation  marks  not  on  the  upper 
row  of  the  keyboard  and  even  symbols  unique  to  your  own 
language.  Substitute  letters  with  similar  looking  numbers  (for 
example,  "A"  with  "4")  and  also  mix  uppercase  and  lowercase 
letters.  Throw  some  misspellings  in  there  as  well. 

The  greater  variety  of  characters  in  your  password,  the 
harder  it  is  to  guess.  If  you  cannot  create  a  password  that 
contains  symbols,  you  need  to  make  it  considerably  longer  to 
get  the  same  degree  of  protection.  An  ideal  password  is  one 
that  combines  both  length  and  different  characters.  Finally, 
use  words  and  phrases  that  are  easy  for  you  to  remember  but 
difficult  for  others  to  guess. 

The  various  don'ts  to  follow  when  making  a  strong 
password  are: 

-  Avoid  sequences  or  repeated  characters.  "12345678," 
"222222,"  "abcdefg,"  or  adjacent  letters  on  your  keyboard 
do  not  help  make  secure  passwords. 

-  Avoid  using  only  look-alike  substitutions  of  numbers 
or  symbols.  Criminals  and  other  malicious  users  who 
know  enough  to  try  and  crack  your  password  will  not  be 
fooled  by  common  look-alike  replacements,  such  as  to 
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A  replace  an  'i'  with  a  '1'  or  an  'a'  with      as  in  "MlcrO$Oft" 

S  or  "P@sswOrd".  But  these  substitutions  can  be  effective 

'''  when  combined  with  other  measures,  such  as  length, 

J  misspellings,  or  variations  m  case,  to  improve  the  strength 

U  of  your  password. 

A  -       Avoid  your  login  name.  Any  part  of  your  name, 

C       birthday,  social  security  number,  or  similar  information  for  your 

K       loved  ones  constitutes  a  bad  password  choice.  This  is  one  of  the 

first  things  criminals  will  try. 
'''  -       Avoid  dictionary  words  in  any  language.  Criminals 

use  sophisticated  tools  that  can  rapidly  guess  passwords  that 
are  based  on  words  in  multiple  dictionaries,  including  words 
E       spelled  backwards,  common  misspellings,  and  substitutions. 
C       This  includes  all  sorts  of  profanity  and  any  word  you  would  not 
U        say  m  front  of  your  children. 

Use  more  than  one  password  everywhere.  If  any  one 
of  the  computers  or  online  systems  using  this  password  is 
compromised,  all  of  your  other  information  protected  by  that 
password  should  be  considered  compromised  as  well.  It  is 
critical  to  use  different  passwords  for  different  systems. 

Avoid  using  online  storage.  If  malicious  users  find 
these  passwords  stored  online  or  on  a  networked  computer, 
they  have  access  to  all  your  information. 
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Windows  has  some  effective  parental  control  options 
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Change  your  password  every  30-60  days  and  avoid 
using  any  old  password. 
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You  can  also  generate  any  random  password  of  your  liking  j 

very  easily  through  PC  Tools  Secure  Password  Generator  at:  p 

http://www.pctools.com/guides/password/  A 

C 

2.6  Restricting  cliildren  to  safe  areas  k 

children  working  off  the  same  computer  or  connecting  to  the 

internet  the  first  time,  especially  in  this  age  of  net  crimes,  are  J 
always  at  risk.  However,  explicit  content  and  malware  also  pose 
a  significant  threat  for  a  child  who  wouldn't  be  able  to  deal  with 

them.  There  are  several  parental  controls  embedded  within  e 

Windows.  You  have  the  option  of  turning  them  on  or  off,  as  C 

well  as  collecting  information  about  computer  usage  by  enabling  ^ 

Activity  Reporting.  First  go  to  the  Control  Panel  and  click  on  " 

User  Accounts>Parental  Controls.  You  can  apply  ^ 

Parental  Controls  on  pre-existing,  non-administrator  account  or  y 
create  a  new  one  for  the  purpose.  The  different  control  options 
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A       include  the  following: 

5  -  Web  filter  -  Contains  an  Allow  and  Block  list  which  you 

can  edit.  You  can  also  choose  to  block  some  websites  or  allow 
all  websites  for  the  user  to  visit.  Also  allows  you  to  modify  the 
restriction  level  of  the  web  based  on  key  categories  and  block 
file  downloads. 

C  -  Time  Limits  -  You  can  set  the  time  for  which  a  user  is  able 

K       to  use  the  computer.  You  can  select  different  hour  slots  within 

the  week  and  easily  mark  out  which  are  to  be  blocked  with  a 

'''       single  click. 
0 

-  Game  Controls  -  Allows  you  to  set  the  ratings  for  the 
games  the  user  is  allowed  to  play.  You  can  also  block  or  allow 
E       specific  games  on  the  computer. 

C  -  Application  Restrictions  -  Let's  you  determine  if  the  user 

U       can  access  all  programs  or  only  the  ones  you  allow. 

You  can  also  third  party  web  content  filter  software  for 
maximum  protection.  A  very  effective  one  is  Net  Nanny.  It  can 
block  illegal  file  sharing  and  even  social  networking  sites.  It 
also  allows  for  remote  management  and  monitoring  of  instant 
messaging  programs  such  as  AIM.  The  latter  is  especially 
important  when  taken  into  account  with  the  number  of 
malicious  crimes  perpetrated  beginning  from  a  simple  chat 
conversation. 

It's  important  to  advise  your  kids  on  safe  surfing.  Advise 
them  on  not  speaking  to  strangers  and  explain  how  it's  very 
easy  for  someone  to  be  misled  on  the  internet.  Tell  them 
which  sites  they're  allowed  to  visit  any  why.  "Warn  them  about 
freely  exploring  on  their  own,  as  well  as  not  to  download  any 
applications  from  the  internet  that  come  from  questionable 
sites  or.  They  should  also  inform  you  whether  they  receive  any 
emails  from  people  they  don't  know.  Explain  the  risks  of  viruses 
as  well  as  the  need  to  be  careful  even  with  attachments  from 
people  they  know.  Finally  if  kids  receive  an  email  they  don't 
like  from  someone  they  don't  know,  tell  them  to  inform  you 
immediately  and  not  to  reply  themselves. 

2.7  Using  internet  proxies 

As  stated  earlier,  internet  proxies  act  as  go-betweens  for  requests 
from  clients  seeking  resources  from  other  serves.  This  is  meant 
for  the  purpose  of  either  keeping  the  machines  anonymous  or 
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Using  a  proxy  server  significantly  increases  security 


speeding  up  access  to  a  resource  via  caching.  The  two  main 
proxies  well  talk  about  are  web  proxies  and  content  filtering 
proxies. 

Web  proxies  are  those  focusing  on  www  traffic.  The  most 
common  use  for  a  web  proxy  is  in  web  caching.  Caching  keeps 
local  copies  of  frequently  requested  resources  allowing  one  to 
significantly  reduce  their  upstream  bandwidth  cost  and  usage 
while  increasing  performance.  Some  web  proxies  also  provide 
a  means  to  deny  access  to  certain  URLs  in  a  blacklist,  thus 
providing  for  some  form  of  content  filtering. 

One  of  the  more  well-known  freeware  web  proxies  is  Squid. 
It  functions  as  a  proxy  server  and  a  web  cache  daemon.  It  serves 
a  variety  of  uses  from  speeding  up  a  web  server  to  caching 
repeated  requests.  It  also  caches  web,  DNS,  and  other  computer 
network  lookups  for  people  sharing  network  resources.  Squid 
also  aids  in  filtering  traffic  thus  aiding  in  security.  It  also  has 
some  features  that  can  help  anonymize  connections  such  as 
disabling  or  changing  specific  header  fields  m  a  client's  HTTP 
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Web  filters  l<eep  offensive  content  from  innocent  l<ids 


requests.  Whether  they  are  set  and  what  they  are  set  to  do  is  up 
to  the  person  who  controls  the  computer  running  Squid. 

Squid  can  also  function  as  a  reverse  proxy  -  that  is, 
serving  an  unlimited  number  of  clients  for  a  limited  number 
of  webservers.  This  results  m  less  traffic  to  the  source  server, 
meaning  less  CPU  and  memory  usage,  and  less  need  for 
bandwidth.  All  without  any  action  by  the  clients.  Squid 
works  on  a  variety  of  platforms,  including  Windows,  Linux, 
Mac  OS  X,  etc. 

Content  filtering  proxies,  also  known  as  censorware 
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or  web  filtering  software,  is  a  term  for  software  designed 
and  optimised  for  controlling  what  content  is  permitted 
to  a  reader,  especially  when  used  to  restrict  material 
delivered  over  the  web.  Content-control  software 
determines  what  content  will  be  available  on  a  particular 
machine  or  network.  The  motive  is  often  to  prevent 
persons  from  viewing  content  which  may  be  considered 
objectionable. 

2.8  Avoid  leaving  a  searcli  trail 

A  search  query  is  a  term  a  user  enters  into  a  search  engine 
to  satisfy  information  needs.  When  a  user  records  the 
path  of  the  queries  and  the  information  they  lead  to,  it 
is  referred  to  as  a  search  trail.  The  trails  themselves  are 
searchable,  allowing  users  to  save  time  when  searching  by 
examining  pages  found  by  other  users.  The  intention  is 
also  to  allow  easier  searching  of  the  web.  An  application 
that  lets  users  record  search  trails  is  Trexy,  which  installs 
itself  as  a  toolbar  and  records  the  user's  activity  on  search 
sites  it  is  aware  of. 

However,  some  major  sites  such  as  Google,  AOL, 
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TrackMeNot  makes  your  searcli  behaviour  difficult  to  analyse 

Yahoo  and  MSN  are  all  collecting  data  from  users.  All 
of  this  search  engines  are  monitoring  and  storing  your 
searches  along  with  other  such  data  as  your  behaviour 
while  online.  This  information  may  in  some  cases,  not 
only  been  seen  by  those  involved  with  your  favourite 
search  engine  but  also  in  many  cases,  third  parties. 
Some  sites  such  as  Ask.com  allow  users  to  delete  data 
on  search  queries  to  bolster  personal  privacy.  Called 
AskEraser,  it  deletes  all  subsequent  search  queries 
and  related  information  linked  to  a  user's  cookies  or 
identifying  information  from  computers.  It's  featured  on 
the  site's  home  page  and  all  search  results  pages,  with 
a  clear  choice  to  signal  whether  the  feature  should  be 
"On"  or  "Off"  during  a  user's  search  requests. 

Another  option  is  to  hide  your  search  in  a  cloud  of 
"ghost  queries".  A  Firefox  add-on  called  TrackMeNot 
does  just  that.  On  installing,  it  will  show  up  in  your 
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status  bar  with  certain  search  queries.  These  will  be 
sent  to  search  engines  faking  them  out  as  to  where  you 
are  really  going  or  what  you  are  searching  for  while 
online.  You  can  disable  the  display  if  you  so  desire.  The 
same  options  are  also  available  from  the  Tools  menu  of 
the  browser.  You  can  also  set  the  Search  Engines  that 
TrackMeNot  queries,  queries  to  be  set,  query  frequency 
and  the  logging  options  for  the  performed  queries. 
Keep  m  mind  that  if  third  parties  are  using  other 
means  to  identify  you,  such  as  through  IP  addresses 
and  information  from  your  ISP,  TrackMeNot  will  be  of 
little  use.  However,  in  terms  of  identifying  you  through 
searches  alone,  TrackMeNot  potentially  makes  this  a  lot 
more  difficult  for  third  parties. 

2.9  Restrict  access  to  content  hosted  on  a 
personal  space 
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With  NTFS,  you  can  now  modify  access  rights  depending  on  the 
criticality 
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A       Windows  uses  two  types  of  file  systems:  FAT  and  NTFS.  In 
5       computing,  a  file  system  is  a  method  for  storing  data  and 
'''       making  it  easy  to  find  and  access.  Regarding  the  performance 
^       of  FAT  and  NTFS,  FAT  performs  better  on  smaller  volumes,  but 
P       NTFS  out-performs  FAT  on  larger  volumes,  beginning  around 
A  500MB. 

C  NTFS,  short  for  New  Technology  File  System,  is  the  most 

K       secure  and  robust  file  system  for  Windows.  It  provides  security 

by  supporting  access  control  and  ownership  privileges,  meaning 
J       you  can  set  permission  for  groups  or  individual  users  to  access 
certain  files.  This  can  thus  be  used  to  restrict  access  to  content 
hosted  on  personal  space. 
E  NTFS  has  several  key  features.  It  supports  compression 

C       of  individual  files  and  folders  which  can  be  read  and  written 
U       to  while  they  are  compressed.  It's  a  recoverable  file  system, 
meaning  it  has  the  ability  to  undo  or  redo  operations.  It  also 
supports  Macintosh  files.  The  NTFS  5.0  file  system  can  also 
automatically  encrypt  and  decrypt  file  data  as  it  is  read  and 
written  to  the  disk.  It  will  put  restrictions  the  file/folder/drive 
you  have  selected.  For  instance,  if  you've  selected  a  folder  inside 
your  drive,  it  will  put  restrictions  only  on  that  selected  folder 
and  possibly  any  files  those  are  inside  of  it.  Those  who  can 
access  the  drive  depend  on  the  permissions  you've  set. 

2.10  Encrypt  your  email  and  data 

There  are  several  ways  to  encrypt  data,  and  several  tools  that 
can  be  added  to  mail  programs  that  will  even  do  it  for  you. 
Not  all  are  compatible  with  each  other  so  we'll  just  talk  about 
encrypting  by  hand,  using  the  underlying  technology  that  many, 
though  not  all,  of  those  tools  use  Gnu  Privacy  Guard  or  GPG. 
This  technique  works  with  all  mail  programs.  This  is  command- 
line  tool.  Once  installed,  open  a  Windows  Command  Prompt 
and  run  the  tool  from  there.  It's  perhaps  easiest  to  simply  "CD" 
to  the  directory  containing  the  GPG  executables.  Alternately 
you  can  copy  all  the  "G*.exe"  executables  to  a  different  directory 
already  on  your  PATH. 

Run  "gpg"  once,  and  it  will  create  its  storage  location  for 
keys,  which  it  refers  to  as  your  "key  ring".  In  encryption,  the 
first  approach  that  typically  comes  to  mind  is  password  or 
phrase  encryption.  With  those  techniques,  a  password  is  used 
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Using  public  key  encryption 


to  encrypt  the  data,  and  then  must  be  supplied  again  to  decrypt 
it.  The  data  without  the  password  is  theoretically  useless,  but 
anyone  with  the  password  can  decrypt  it. 

Public  Key  encryption  uses  a  different  style  of  algorithm.  To 
begin  with,  you'll  generate  two  matching  "keys";  a  public  key, 
and  a  private  key.  The  characteristic  of  these  keys  is  such  that 
data  encrypted  with  one  can  only  be  decrypted  with  the  other. 
By  generating  a  public/private  key  pair,  someone  can  encrypt 
data  using  the  public  key  that  can  only  be  decrypted  using  the 
associated  private  key.  If  all  you  have  is  the  public  key,  you  can't 
even  decrypt  what  you've  just  encrypted. 

The  intended  recipient  needs  to  generate  a  public/private 
key  pair.  In  the  Windows  Command  Prompt,  enter  gpg  -gen- 
key.  First  select  which  kind  of  key  you  want,  as  well  as  the 
keysize  (you  can  also  accept  the  default  which  is  2048  bits).  You 
must  also  specify  when  the  key  will  expire  and  to  whose  email 
and  name  it  will  be  valid.  Finally,  enter  a  passphrase  to  protect 
your  key  and  GPG  will  begin  compiling  a  key  pair.  During  the 
process,  it's  a  good  idea  to  move  the  mouse  or  access  your 
drives  as  this  will  give  the  random  number  generator  more  info 
to  work  with. 

At  this  point  your  secret  key  and  your  public  key  have  been 
generated,  and  placed  on  your  key  ring  (which  can  be  managed 
via  the  key  ring  editor).  In  order  to  get  the  public  key  to  the 
person  who  wants  to  encrypt  your  data,  you'll  need  to  export  it: 


MK  FAST  TRACK 


E 


F 
A 
S 
T 

T 
R 
A 
C 
K 

T 
0 

s 

E 
C 

u 

R 


THE  INTERNET 


www.thinkdigit.com 


If*        IT^  "IS 


An  example  Keyring  editor 

c:\>gpg  -a  — export  example@xyz.com  >mykey. 
pub 

This  creates  "mykey.pub",  a  text  file  that  contains  your 
public  key.  You  can  now  mail  this  to  the  person  who's  going  to 
encrypt  data  to  be  sent  to  you,  or  post  it  publicly  if  you  like. 

In  order  to  encrypt  data,  the  sender  will  have  to  install  GPG 
as  above.  They  don't  need  to  create  their  own  public/private  key 
pair  in  order  to  encrypt  your  data.  All  they  need  is  the  pubUc 
key  you  created  above,  and  made  available  to  them  somehow. 
Start  by  "importing"  your  public  key  onto  their  key  ring. 

Note  the  dire  warning  about  making  sure  you  know  whose 
key  you're  dealing  with  at  the  end  of  the  encryption  process. 
There  are  ways  to  modulate  this  message  but  for  now,  assume 
you  can  trust  the  receiver.  The  result  of  this  example  operation 
is  "example.xls. asc".  This  text  file  is  your  encrypted  data.  You 
can  email  it  with  confidence  to  the  intended  recipient,  knowing 
that  only  they  can  decrypt  it  with  their  matching  private  key. 

So  you've  passed  your  public  key  to  the  sender,  they've 
used  it  to  encrypt  your  sensitive  data,  and  have  emailed  you  the 
encrypted  results.  From  your  mail  client,  save  the  encrypted 
data  to  a  text  file  -  it's  ok  to  leave  headers  and  such  in  the  file, 
the  decryption  program  will  ignore  it. 

To  decrypt,  you'll  do  this: 
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c:\>gpg  -o  example.xls  — decrypt  example, 
xls . asc 

The  "-o"  parameter  specifies  the  name  of  the  decrypted  file 
to  create.  Note  that  you  still  need  to  enter  the  passphrase  for 
your  private  key.  This  is  only  an  additional  layer  of  protection 
on  your  private  key.  Without  a  passphrase,  anyone  who 
gains  access  to  your  private  key  would  be  able  to  decrypt  any 
messages  intended  for  you. 

The  weakest  Imk  m  this  process  if  your  private  key.  If  an 
unauthorized  person  gets  a  copy  or  can  guess  the  passphrase  on 
It,  your  security  will  have  been  breached.  So  it  all  boils  down  to 
this:  Keep  your  private  key  secure. 
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3  Cyber  Cafes 

3.1  Elementary  Precautions 

Cyber  cafes  are  very  popular  in  India.  The  technology  revolution 
ensures  that  everyone  has  a  use  for  the  internet.  Computer 
costs  and  casual  use  have  since  facilitated  the  growth  of  cyber 
cafes.  People  mainly  use  cyber  cafes  for  browsing  the  internet, 
checking  their  mail  and  chatting. 

The  first  important  rule  is  to  never  tell  the  cyber  cafe  owner 
(or  anyone  else  for  that  matter)  your  email  ID  and  password  to 
check  your  mail.  This  may  sound  dumb  but  keep  in  mmd  that 
many  old  folks  and  small  kids  have  no  idea  about  the  risks  of 
spam  and  information  theft.  Email  IDs  and  passwords  should 
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Disable  options  that  allow  archiving  of  messages  as  text  files 


always  be  entered  by  their  owners.  At  most,  they  should  ask  for 
guidance  to  the  log-in  screen  to  enter  their  details  personally. 

Another  important  rule  is  the  practice  of  people  commg 
with  their  floppies,  CDs  or  pen-drives  to  send  their  resumes  via 
email.  Usually,  the  individual  computers  have  neither  floppy  nor 
CD  drives  (and  some  places  prohibit  independent  use  of  pen- 
drives  for  security  reasons).  The  media  is  hence  run  through  the 
server  itself  before  being  transferred  to  the  relevant  individual's 
PC.  After  sending  these  documents,  the  user  forgets  about 
deleting  the  documents  on  the  original  server.  More  than  simply 
emptying  the  Recycle  Bm,  you  should  ensure  the  cyber  cafe  has 
a  file  shredder  program  to  properly  delete  the  files.  Resumes 
contain  many  personal  details,  and  you  should  avoid  all  risk  of 
these  being  exposed. 

Other  options  you  should  be  aware  of  when  surfing  include 
disabling  the  option  for  "Remember  my  ID  on  this  Computer" 
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Keyloggers  can  be  used  to  capture  your  personal  information  by 
capturing  your  l<eystrol<es 


when  surfing.  Make  sure  to  turn  off  the  autocomplete  option 
in  the  browser.  This  can  be  done  by  accessing  the  Tools  > 
Internet  Options  >  Autocomplete  tab  in  Internet 
Explorer  and  Tools  >  Options  >  Privacy  >  Password 
tab  m  Firefox.  There  are  also  options  to  clear  your  private 
history  /  temporary  internet  files  while  surfing  m  case  you  don't 
want  your  browsing  history  known. 

Always  make  sure  to  logout  properly  when  using  messenger 
software  or  mail  accounts.  Some  people  make  the  mistake  with 
IM  software  in  simply  closing  the  program,  which  does  not 
shut  it  down  but  minimizes  it  into  the  system  tray.  This  should 
be  taken  care  of  to  ensure  the  next  user  doesn't  use  your  IM 
account  as  he  wishes.  As  specified  above,  make  sure  the  options 
for  remembering  passwords  or  IDs  is  disabled.  You  should  also 
take  care  to  disable  options  that  allow  archiving  of  messages 
as  text  files.  This  helps  in  keeping  conversations  private  and 
personal  info  usually  shared  online  safe. 

Finally,  whenever  you  go  to  a  cyber  cafe,  ensure  it  has  the 
most  up-to  date  anti-virus  and  spyware  definitions.  These  will 
help  root  out  Trojan  horses  and  keyloggers  responsible  for 
tracking  your  activity  and  recording  your  passwords/IDs. 
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3.2  Bypassing  Keybloggers 

A  keylogger  is  basically  spyware.  As  indicated  by  its  namesake, 
it  "logs"  or  records  your  keystrokes.  When  yoti  type  in  your 
username  or  password,  this  information  is  logged  and  made 
available  to  the  hacker.  Keyloggers  can  either  be  physical  or 
software-based,  the  latter  being  more  difficult  to  detect. 


A  keylogger  works  m  several  different  ways: 

•  Each  keystroke  is  recorded  and  immediately  dispatched  to 
some  remote  listener  over  the  internet. 

•  Keystrokes  are  collected  in  a  temporary  file,  which  is  then 
periodically  uploaded  to  the  author's  location  over  the 
internet. 

•  The  keystrokes  are  collected  in  a  temporary  file,  but  much 
like  a  spam  hot,  can  listen  for  and  receive  instructions 
from  the  author.  The  logger  could  thus  upload  the 
collected  information  when  requested. 

•  The  collected  keystrokes  could  never  be  uploaded. 
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Instead,  if  someone  has  remote  access  to  your  machme,  or 
even  physical  access  to  yottr  machine,  they  could  simply 
come  by  and  copy  the  information  manually. 
•  Finally,  the  information  may  not  even  be  kept  on  your 
machine.  There  are  hardware  keyloggers  that  include  a 
little  flash  memory  and  can  be  quickly  inserted  in  between 
keyboard  and  computer  to  capture  all  the  data.  After 
installing,  the  person  behind  it  stops  by  and  picks  up  the 
device  containing  all  your  information. 
There  are  two  basic  methods  for  bypassing  keyloggers, 
both  which  involve  confusing  the  logger  with  random 
keystrokes.  The  first,  when  you  need  to  enter  a  username 
or  password,  is  to  randomly  insert  irrelevant  numbers  and 
letters  in  between  the  same.  Once  entered,  just  select  the 
random  bits  with  the  mouse  and  delete  them  before  logging 
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l<eep  online  relationships  in  the  online  realm 


in.  The  second  is  for  fooling  keyloggers  that  capture  all 
keystrokes  and  not  just  those  typed  in  the  password  box. 
Enter  your  info  randomly  across  the  browser  and  search  bars 
along  with  random  numbers  and  letters.  When  you  wish 
to  log  in,  simply  copy  and  paste  the  relevant  bits  into  the 
log-m  boxes.  Another  option,  on-screen  keyboards,  will  be 
explained  in  a  later  chapter. 

You  can  also  use  KYPS,  a  reverse  proxy  server  that 
takes  a  password,  encrypts  into  a  one-time  code,  printed 
from  the  KYPS  web  site  that  can  be  used  to  log  into 
any  computer  safely.  After  being  decrypted  by  the  KYPS 
system  and  logging  in,  it  deletes  the  one  time  code  as  a 
password.  KYPS  also  acts  as  a  normal  proxy  to  protect 
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KYPS,  a  reverse  proxy  server  can  be  used  to  login  to  any  computer  safely 


your  browsing  history.  When  browsing,  it  displays  the 
KYPS  URL  along  with  random  characters  and  symbols  to 
maximise  security. 

The  "Work  Offline"  option  shouldn't  be  relied  on  too 
often.  This  feature  is  specific  to  Internet  Explorer  or  the 
application  with  that  function,  and  it's  not  too  hard  for  a 
keylogger  to  bypass  something  so  narrow.  Also,  even  if  you 
physically  pulled  out  the  internet  connection  wire  from 
your  PC,  only  the  first  of  the  above  approaches  is  rendered 
harmless.  The  keylogger  can  still  quietly  collect  the  data 
and  transmit  it  when  a  connection  is  available. 

As  such,  there  is  no  way  to  be  100%  careful  against 
keyloggers.  It  depends  on  specific  keyloggers  most  of  the  time. 
However,  you  should  always  remain  cautious  when  entering  a 
cyber  cafe. 

3.3  Safe  Surging 

Safe  surfing  doesn't  simply  refer  to  tips  for  kids  surfing  online. 
Internet  usage  across  the  globe  is  ever  growing.  Hence  it's 
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HSBC  Virtual  keyboard 


necessary  for  everyone  to  remember  a  few  basics  while  surfing 
the  net.  They  can  easily  prevent  you  from  being  the  victim 
of  some  scam  or  being  taken  m  by  someone  who  appears 
trustworthy. 

The  most  elementary  precaution  of  net  surfing  is  to  not  give 
out  any  of  your  personal  information.  This  includes  your  name, 
address,  credit  card  numbers,  phone  number  and  passwords. 
Remain  as  anonymous  as  possible,  as  often  as  possible. 
Remember,  most  credible  sites  and  services  don't  require  this 
information  for  simple  surfing.  If  one  requests  any  of  the  above 
details,  then  beware.  If  cheating  on  the  internet  weren't  so  easy, 
phishing  wouldn't  be  as  common  as  it  is  today. 

Think  carefully  before  creating  an  email  address  or 
screen  name.  Avoid  identifying  whether  you're  a  male  or 
female.  "When  entering  a  chat  room,  make  sure  to  adjust  a 
nickname  substantially  different  from  your  screen  name. 
If  a  conversation  makes  you  uncomfortable,  you  can 
leave  without  worrying  about  having  your  email  tracked 
through  your  screen  name.  Friends  should  also  set  up 
private  chat  rooms  when  chatting  with  people  they  know 
rather  than  discussing  things  in  the  open.  Keep  most 
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Virtual  keyboard 

online  friendships  in  the  onhne  realm.  If  you  really  wish  to 
meet  an  onhne  friend  in  the  real  world,  always  make  sure 
it's  in  a  public  place  and  you're  in  the  company  of  friends 
and  family.  Remember  that  it's  very  easy  for  someone  to  be 
someone  they're  not,  age-wise  and  what  not. 

Read  the  fine  print  on  a  web  page  you  visit.  Even  if 
you  conform  to  the  law,  saying  'yes'  on  some  of  these 
pages  is  as  good  as  giving  your  personal  signature. 
Confirm  that  you  won't  be  receiving  any  unnecessary 
spam  or  that  your  contact  details  are  not  circulated 
with  other  sites.  Avoid  any  pages  of  a  dubious  nature, 
especially  ones  that  ask  for  your  personal  details 
especially  if  you  think  it's  unnecessary.  Any  pop-ups 
that  prompt  you  to  click  on  them  could  be  spyware. 

Always  have  the  latest  security  software  and  remember 
to  keep  it  updated.  If  you  ever  receive  an  anonymous 
attachment  or  email,  delete  it  right  away  without 
opening  it.  Spam  blockers  are  especially  important 
but  don't  neglect  having  anti-virus  and  anti-spyware 
software  installed  on  your  PC.  Firewalls  are  also  good 
for  preventing  any  one  from  illegally  accessing  your  PC 
from  the  outside.  However,  always  remember  that  these 
are  safety  measures.  Only  if  you  apply  a  liberal  amount 
of  common  sense  will  they  be  truly  effective.  Not  even 
the  most  up-to  date  software  can  save  you  when  you're 
willingly  giving  out  personal  details. 

3.4  Using  on-screen  keyboards 

An  on-screen  or  virtual  keyboard  is  a  software  component 
that  allows  a  user  to  enter  characters  into  a  keyboard 
displayed  on  the  display.  It  is  used  by  disabled  users  who 
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cannot  operate  a  physical  keyboard.  It  has  also  emerged  as 
a  key  method  for  reducing  keystroke  logging.  There  are  two 
types  of  on-screen  keyboards:  Program  to  program  or  non- 
web  keyboards  and  web-based  keyboards. 

Non-web  keyboards  are  the  weaker  of  the  two.  These 
keyboards  (such  as  the  onscreen  keyboard  that  comes  with 
Microsoft  Windows  XP)  send  keyboard  event  messages  to 
the  external  target  program  to  type  text.  Every  software 
keylogger  can  log  these  typed  characters  from  one  program 
to  another.  This  problem  persists  with  both  third  party 
and  first  party  virtual  keyboards.  There  are  other  means 
for  protection  in  this  case,  like  dragging  and  dropping 
the  password  from  the  on-screen  keyboard  to  the  target 
program. 

Web-based  keyboards  offer  more  protection.  Some 
commercial  keylogging  programs  thankfully  do  not  record 
typing  on  a  web-based  virtual  keyboard.  Many  banks  like  HSBC 
use  a  virtual  keyboard  for  password  entry. 

Technically,  it's  possible  for  a  malware  to  monitor  the 
display  and  mouse  to  obtain  the  data  entered  via  virtual 
keyboard.  Screenshot  recorders  take  quick  and  regular 
photographs  of  the  desktop,  and  can  effectively  obtain 
the  data  via  virtual  keyboard.  This  is  significantly  harder 
compared  to  monitoring  real  keystrokes.  If  the  recorder  is 
not  fast  enough,  it  cannot  effectively  capture  all  the  mouse 
clicks  displayed. 

On-screen  keyboard  use  can  also  increase  the  risk  of 
password  disclosure  by  shoulder  surfing.  An  observer  can 
watch  the  screen  easily  (and  less  suspiciously)  than  the 
keyboard  and  see  which  characters  the  mouse  moves  to. 
Some  implementations  of  the  on-screen  keyboard  give  visual 
feedback  of  the  key  clicked  by,  say,  changing  its  colour 
briefly.  This  makes  it  much  easier  for  an  observer  to  read  the 
data  from  the  screen.  This  implementation  may  leave  the 
focus  on  the  most  recently  clicked  key  until  the  next  virtual 
key  is  clicked.  This  allows  the  observer  time  to  read  each 
character  even  after  the  mouse  starts  moving  to  the  next 
character.  Finally,  a  user  may  not  be  able  to  point  and  click  as 
fast  as  they  could  type  on  a  keyboard,  thus  making  it  easier 
for  the  observer.  This  especially  becomes  a  problem  in  cyber 


nM  FAST  TRACK 


www.thinkdigit.com 


CYBER  CAFES 


cafes  that  do  not  feature  separate  cubicles  for  privacy. 

Fortunately,  software  exists  to  combat  some  of  these 
problems.  Corallo  Software's  Virtual  Keyboard  application 
provides  an  option  to  make  the  keyboard  transparent 
(0-90%)  when  you  move  the  cursor  away.  It  can  handle 
command-key  combinations,  modifier  key-click  combinations 
and  auto-key  repeat.  The  shareware  program  is  applicable 
for  14  days  before  registration  but  a  Lite  freeware  version  is 
also  available.  Both  have  support  for  all  operating  systems, 
including  Mac  OS  8  and  Intel-based  Macs. 
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4.1  Protection  with  intrusion 

WiFi  is  a  Peer  to  Peer   

(P2P)  file  sharing 
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Disable 
Status 

Repair 


View  Available  Wireless  Networlis 


Change  WindoiAis  Firewall  settings 


Open  Network  Connections 


Finding  available  networks 


service  just  like 
Bluetooth.  Anyone 
can  get  into  your 
connection  if  your 
WiFi  is  not  secure. 
Before  securing  your 
WiFi,  it's  important 
to  check  how  secure 
It  really  is.  Right 
click  on  the  small 
wireless  network  icon 

on  your  Task  Bar.  Select  "View  Available  Wireless  Networks" 
from  the  available  menu.  There  are  usually  two  types  of 
networks:  Security-enabled  wireless  network  and  unsecured 
wireless  network.  The  former  needs  a  security  key  (a  password 
most  times)  to  access.  An  unsecured  wireless  network  can  be 
logged  into  without  a  password.  An  insecure  network  is  roughly 
equal  to  an  insecure  WiFi  router,  so  take  the  following  steps  to 
secure  your  WiFi  network. 


1 


Creating  a  wireless  profile 
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The  Router/ Access  point  is  the  main  config  unit.  Whoever  A 

infiltrates  this,  can  change  security  settings  Uke  passwords,  ^ 

encryptions  and  more.  Most  routers  have  default  passwords  and  ''' 

SSID  (Service  Set  Identification),  so  make  sure  to  change  the  j 

passwords  to  make  the  entire  system  secure.  The  SSID  identifies  p 

your  router.  Most  companies  use  default  ones  which  come  a 

with  the  router  like  Linksys,  wireless  or  WTAN  or  they  their  C 

company  name.  Choose  a  more  secure  password,  like  a  random  ^ 

combination  of  letters  and  numbers.  The  most  important  part 

is  to  disable  SSID  broadcasting  which  transmits  the  SSID  to  ''' 

0 

everyone  m  range.  It  is  recommended  that  the  encryption  keys 

and  the  SSID  are  changed  very  frequently.  S 

Remote  management  is  used  to  access/modify  the  e 
configuration  of  Router/ Access  point  from  any  client  machines  C 
using  login  ID  and  password.  It's  recommended  this  is  disabled.  ^ 
For  any  configuration,  have  one  connect  physically  to  a  machine  " 
via  a  network  cable.  If  your  WiFi  offers  WPA2  encryption,  then  ^ 
use  it  (if  the  router  does  not  support  it,  you  can  choose  WPA  or  y 
WEP).  Then  make  sure  a  password  is  assigned  which  is  more  or 
less  invulnerable  to  dictionary  attacks  and  choose  the  highest 
available  encryption  option  (232->104->40). 

Most  of  us  use  WiFi  at  home  or  in  the  office.  It  is 
recommended  to  lower  the  transmit  level  and  reduce  the  area  of 
the  WLAN  covers.  This  will  help  in  providing  WiFi  signals  to  a 
specified  area  and  lower  the  risk  of  intrusions. 

Ad-Hoc  mode  allows  for  direct  communication  of  all  devices 
connected  to  the  wireless  LAN  through  the  access  point/router. 
Disable  Ad-Hoc  when  available.  Also  turn  off  Broadcast  ping  on 
the  access  point/router.  This  will  make  your  router  invisible  to 
802.11b  analysis  tools.  Most  WiFi  is  kept  on  for  24  hours.  It's 
recommended  to  switch  off  the  WiFi  router  when  not  in  use. 


Peer  to  peer  (P2P)  file  sharing  has  become  popular  but  not 
without  a  heightened  amount  of  threats.  Users  often  receive  files 
from  unknown  senders  which  can  lead  to  security  problems, 
especially  with  music  and  media  sharing.  Like  any  personal 
computer,  these  files  can  be  malware  that  infiltrate  and  cause 
havoc  within  your  laptop.  The  entry  points  for  intruders  are  the 
very  same  open  ports  that  allow  you  to  transfer  files. 


4.2  Protect  Bluetooth  intrusions 
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Make  sure  to  only  perform  file  transfers  from  trusted  sources. 
Besides  reducmg  ttie  risk  of  downloaded  files  fiaving  malware, 
there's  an  element  of  accountability.  Hence  you  get  a  better 
response  if  there  is  a  problem.  Keep  an  anti-virus  scanner  handy 
when  transferring  files  over  Bluetooth  or  P2P.  While  it  may  slow 
down  the  transfers,  it's  definitely  much  safer. 

Sometimes,  after  you  discover  an  intrusion,  you  are  left 
with  no  option  but  to  format  your  hard  drive  and  reinstall 
your  operating  system.  Keep  backups  of  important  data  so 
you  can  restore  your  important  files  quickly.  Typical  backup 
methods  apply  here,  and  just  like  before,  keep  your  info  in  a 
secure  location  separate  from  your  laptop  to  ensure  it  remains 
unaffected. 

Remember  to  turn  off  Bluetooth  when  you're  not  using  it.  To 
turn  off  Bluetooth  on  a  Windows  Pocket  PC  enabled  device: 

1.  Click  on  the  Windows  icon  in  the  top  left  corner  of 
the  screen  and  choose  Settings. 

2.  In  Settings,  choose  Connections  and  then  Bluetooth. 

3.  If  you  see  that  Bluetooth  is  turned  on,  click  on  the 
Turn  Off  button. 

You  can  also  use  the  passkey  option  to  eliminate  unwanted 
connections.  Only  people  who  have  a  personal  password  can 
connect  to  your  device.  This  way,  you  are  notified  if  anybody 
tries  to  establish  a 
connection  vvdth  you. 
To  use  passkey,  click  on 
the  Bluetooth  Manager 
and  select  Passkey. 

You  can  protect 
your  mobile  device 
by  preventing  other 
devices  from  finding 
you  and  connecting 
to  you.  This  way,  you 
can  still  connect  to 
other  devices,  but  they 
cannot  connect  to  you 
first.  This  protects  you 
from  sneak  attacks.  To 
disable  discovery  on  a 


Turning  Bluetooth  on  or  off 
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You  can  disable  discovery  from  liere 

Windows  Pocket  PC-enabled  device: 

1.  Click  on  the  Windows  icon  in  the  top  left  corner  of 
the  screen  and  choose  Settings. 

2.  In  Settings,  choose  Connections  and  then  Bluetooth. 

3.  Click  on  Accessibility  to  get  to  the  screen  shown  m  the 
figure  below. 

4.  Uncheck  the  "Allow  other  devices  to  connect"  and 
"Other  devices  can  discover  me"  boxes. 

Finally,  make  sure  the  public  network  you  are  accessing  is 
secure.  If  a  network  does  not  ask  you  to  identify  yourself  with 
a  password,  then  beware.  Just  about  anyone  can  log  onto  the 
same  network  as  anonymously.  It's  better  to  avoid  unfamiliar 
networks  than  to  risk  any  attacks. 

4.3  Securely  share  Wi-Fi  connectivity  witli 
otiier  devices 

We've  gone  over  the  risks  of  using  a  Wi-Fi  network  that  is 
insecure.  But  what  if  you  want  to  connect  with  devices  and  do 
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so  securely?  This  is  usually  the  case  when  one  wants  to 

1.  Provide  wireless  internet  to  a  group  of  users  who 
cannot  access  a  restricted  part  of  your  Local  Area  Network 
(LAN).  This  can  be  called  public  access  wireless  internet  users 
(even  though  it  may  not  permit  the  general  public  to  access  the 
LAN). 

2.  The  restricted  part  of  your  LAN  contains  your  NAS, 
some  PCs,  and  other  devices.  The  restricted  part  needs  to 
exchange  files  among  other  devices  on  the  restricted  part  but 
not  with  devices  on  the  public  access  side. 

Let's  assume  that  you  want  to  do  wireless  access  on  the 
restricted  side.  There  are  two  ways  to  do  this  that  come  to  mind. 

Purchase  a  router  that  supports  at  least  2  LAN  subnets  via 
wireless  access  points.  The  Adtran  Netvanta  3120  with  their 
Netvanta  150  wireless  access  point  will  do  this;  a  Motorola 
WS  2000  will  also  do  this.  Configure  subnet  #  1  for  restricted 
users  and  give  it  a  subnet  like  192.168.10.0/24  (24  means  24 
bit  subnet  mask  of  255.255.255.0);  configure  subnet  #  2  for 
public  users  ADN  give  it  a  subnet  like  192.168.20.0/24.  Use  the 
MAC  address  of  the  restricted  devices  to  permit  these  devices 
onto  the  192.168.10.0/24  subnet  which  will  automatically  put 
these  devices  in  the  proper  subnet.  All  other  devices  will  be 
automatically  sent  to  192.168.20.0/24.  With  separate  subnets 
the  2  groups  are  separated  m  their  own  virtual  LANS  or  VLANS. 

Have  your  existing  router  and  wireless  strongly  secured 
including  MAC  address  validation,  WPA  or  WPA2  with  strong 
pre-share  key.  Note  the  subnet  you  have  with  this  router 
(probably  192.168.0.0  /  24  or  192.168.1.0  /  24;  no  need  to 
change,  just  note  it.  Purchase  a  second  wireless  router  and  give 
it  a  different  subnet,  something  like  192.168.20.0/24  and  do  not 
provide  security  on  it. 
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4.4  Prevent  ''shoulder  surfing'' 

In  computer  security,  shoulder  surfing  refers  to  using  direct 
observation  tediniques,  such  as  looking  over  someone's 
shoulder,  to  get  information.  Shoulder  surfing  is  particularly 
effective  m  crowded  places  because  it's  relatively  easy  to  observe 
someone  as  they  enter  passwords  on  a  computer,  fill  out  a  form 
or  enter  their  PIN  at  an  automated  teller  machine  (ATM). 

Shoulder  surfing  can  also  be  done  at  a  distance  using 
binoculars  or  other  vision-enhancing  devices.  Inexpensive, 
miniature  closed  circuit  television  cameras  can  be  concealed 
in  ceilings,  walls  or  fixtures  to  observe  data  entry.  To  prevent 
shoulder  surfing,  it  is  advised  to  shield  paperwork  or  the 
keypad  from  view  by  using  one's  body  or  cupping  one's  hand. 
"When  working  on  a  laptop,  ensure  that  your  back  is  to  a  wall 
with  no  open  sides  close  to  you  or  to  enter  your  passwords  in  a 
secluded  location. 

Recent  automated  teller  machines  now  have  a  sophisticated 
display  which  discourages  shoulder  surfers.  It  grows  darker 
beyond  a  certain  viewing  angle,  and  the  only  way  to  tell  what  is 
displayed  on  the  screen  is  to  stand  directly  in  front  of  it. 

Certain  models  of  credit  card  readers  have  the  keypad 
recessed,  and  employ  a  rubber  shield  that  surrounds  a 
significant  part  of  the  opening  towards  the  keypad.  This  makes 
shoulder-surfing  significantly  harder,  as  seeing  the  keypad  is 
limited  to  a  much  more  direct  angle  than  previous  models. 
Taken  further,  some  keypads  alter  the  physical  location  of  the 
keys  after  each  key-press.  For  example  the  digit  1  may  be  the 
upper  left  on  the  first  press,  then  moves  to  the  bottom  right  for 
the  second. 

4.5  Encypt  your  hard  drive 

Securing  computer  data  through  encryption  software  has  become 
a  clear  necessity  for  many  businesses  and  individuals  carrying 
sensitive  information  on  their  laptops  or  USB  flash  dnves. 
Unfortunately,  many  people  do  not  encrypt  their  data  because  it 
is  not  easy  to  implement  in  "Windows  and  the  learning  curve  is 
too  high.  However,  thanks  to  open  source  initiatives,  you  can  use  a 
completely  free  program  called  TrueCrypt  to  encrypt  an  entire  hard 
drive,  a  USB  flash  drive,  or  even  create  a  virtual  encrypted  disk  m  a 
file  that  acts  as  a  real  disk. 
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TrueCrypt 
can  create  a 
virtual  disk  on 
your  computer 
that  will  look 
and  feel  just 
like  a  normal 
disk  on  your 
computer.  The 
"drive"  will 
actually  be 
a  file  stored 
on  your 

computer,  but  it 
IS  completely  encrypted  and  secure,  so  that  when  you  turn  off 
your  computer,  the  data  can't  be  recovered  unless  you  know  the 
correct  password.  Of  course,  losing  this  password  means  losing 
your  data,  so  don't  forget  it  under  circumstance.  It  even  encrypts 
the  file  names  and  the  folder  names  on  the  volume.  TrueCrypt 
supports  Windows  Vista  and  Windows  XP  x64.  It  also  runs  on 
Linux  and  you  can  open  a  TrueCrypt  volume  on  any  of  these 
platforms. 

Once  installed,  click  on  Create  Volume.  Choose  Create  a 
Standard  TruCrypt  Volume.  Click  Select  File,  browse  to  where 
you  want  the  file  stored  and  type  in  a  name  for  the  file.  Next 
choose  the  encryption  that  you  want.  The  default  option  is  the 
lowest  encryption  method,  AES  and  the  last  m  the  drop  down 
being  the  highest.  Remember,  each  time  something  is  read  from 
the  virtual  disk,  it  has  to  be  decrypted  and  it  will  take  more  time 
to  decrypt  if  the  encryption  is  stronger. 

Next  choose  the  size  for  your  virtual  drive.  Click  Next  and 
now  type  in  a  strong  password.  It  is  essential  you  type  in  a 
long  and  complex  password  so  that  it  cannot  be  easily  cracked. 
As  such,  the  program  asks  for  a  minimum  of  20  characters. 
On  the  next  screen,  a  random  header  and  master  key  will  be 

^11  1,1,1^  w'Trm  JM**  <a 

An  encrypted  drive 


Encrypting  a  drive's  contents 
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generated.  Choose  the  format  of  the  drive  and  click  Format. 
Finally,  click  Fxit  to  get  back  to  the  main  screen.  Choose  a 
letter  from  the  drive  list  and  click  Select  File  to  pick  the  volume 
that  you  will  be  mounting.  Now  click  the  Mount  button  at  the 
bottom  to  "connect"  or  mount  the  file  to  the  selected  drive 
letter.  You'll  be  asked  to  type  in  the  password  that  you  entered 
while  creating  the  virtual  volume.  Click  OK  and  you  should  see 
the  list  updated.  Your  new  drive  will  now  show  up  in  Windows 
Explorer  as  a  local  disk. 

Now  you  can  use  the  drive  normally.  When  you  restart  or 
turn  off  your  computer,  the  drive  is  dismounted  and  the  drive  is 
inaccessible.  When  Windows  starts,  you  will  have  to  re-mount 
the  drive  with  the  correct  password.  You'll  only  be  asked  for  the 
password  whenever  the  computer  is  started  up. 

4.6  Theft  protection  measures 

Your  laptop  is  at  as  great  a  risk  of  theft  as  it  is  of  spyware, 
Trojans  and  hackers  infecting  it.  At  times,  the  threat  can  be 
greater  simply  because  it's  so  easy  to  have  your  laptop  stolen.  If 
this  weren't  the  case,  airline  pilots  wouldn't  have  laptops  with 
the  social  security  numbers  and  personal  details  of  some  3600 
employees 
compromised. 
For  all  the 
encryption 
methods 
available,  there 
are  also  ways 
to  prevent  your 
laptop  from 
being  stolen. 

The 
number 
one,  easiest, 
cheapest 
and  most 
obvious  laptop 
protection 
technique  is 

to  simply  be         a  security  cable 
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Try  stealing  this  laptop,  and  you'll  probably  break  the  table 


aware  that  it's  an  easy  target  for  theft.  Stay  afert  at  afl  times. 
Never  leave  your  laptop  alone  at  a  table  in  a  restaurant  or 
public  place.  Be  aware  of  the  unsecure  areas  from  which  your 
laptop  could  be  stolen  like  for  instance,  a  crowded  bus,  or  when 
walking  home  late  at  night.  Just  the  very  thought  that  you're 
responsible  for  something  incredibly  important  is  enough  most 
of  the  time. 

A  security  cable  is  one  of  the  most  popular  laptop  protection 
tools.  You  wrap  the  cable  around  an  immovable  object  and 
insert  the  locking  head  through  the  cable  loop.  An  immovable 
object  can  include  anything  from  sinks,  around  steering  wheels, 
pipes  that  go  into  the  sink  and  even  the  base  of  the  toilet.  Even 
if  a  thief  sneaks  into  your  house  when  you're  asleep,  it  won't  be 
easy  for  him  to  walk  in  and  walk  out  with  your  information. 

Motion  detecting  alarms  are  also  available  for  laptops. 
Simply  attach  it  to  a  carry  case  or  laptop,  alarm  it  with  the 
adjoining  key  pad  and  it's  ready  to  yell  at  the  slightest  bump 
or  jiggle.  Remember  to  keep  the  batteries  fully  functional. 
Many  motion  detecting  alarms  are  included  with  security  cable 
nowadays. 
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A  unique  method  is  Caveo's  Anti-Theft  PC  Cards.  They 
operate  by  detecting  motion,  analyzing  it  to  determine 
whether  a  threat  exists,  and  implementing  responses.  They 
are  independent  of  the  computer  operating  system  and 
operate  whether  the  laptop  is  on  or  off  If  an  armed  system  is 
carried  beyond  a  perimeter  specified  by  the  user,  Caveo  Anti- 
Theft  assumes  theft  and  invokes  strong  responses,  including 
preventing  access  to  the  operating  system,  securing  passwords 
and  encryption  keys,  and  sounding  an  audible  alarm  (which  is 
optional).  This  same  technology  is  used  by  museums  to  prevent 
collection  theft. 

One  or  more  combination  of  the  above  technique  and 
tools  should  be  more  than  enough  to  ensure  necessary  laptop 
protection. 

4.7  Firewalls  and  snoopware  protection 

Snoopware  is  malware  deployed  invisibly  in  your  system.  The 
snoop  software  can  store  just  about  anything  that  you  do  in 
your  computer.  Snoopware  can  store  all  the  keystrokes  you 
make.  Snoopware  can  also  get  all  your  login  information. 
Snoopware  can  store  and  log  all  your  typed  URLs,  store  credit 
card  numbers  and  can  also  log  all  the  windows  you  opened.  It 
can  also  take  screenshots  of  your  system  at  specified  intervals. 
Above  all,  snoopware  can  send  all  these  data  to  any  remote 
location,  automatically,  using  your  Internet  connection  (which 
can  be  combated  using  firewalls). 

Snoopware 
mainly  employed 
for  monitoring 
employee  activities 
and  activities  of 
children  on  the 
net.  However,  it's 
mainly  employed 
for  malicious 
purposes  and  can 
be  considered  in 
the  same  league  as 
spyware.  Besides, 
even  if  the  software 
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Spybot  can  prevent  malware  from  spying  on  you 

is  there  without  your  permission  at  work,  it's  ultimately  you 
who  decides  whether  you  want  your  activities  to  be  known 
or  not.  If  you  are  very  hesitant  in  revealing  your  private  and 
important  data,  it  becomes  essential  to  fight  back  and  snoop  out 
the  snoopware.  Thankfully  there  is  anti-snoopware  software  that 
will  help  you  find  out  the  snoopware  m  your  system  and  also 
clean  them  from  your  computer. 

Your  first  step  is  to  download  a  good  anti-spyware  program 
(Spybot:  Search  and  Destroy  will  work  nicely).  Scan  your 
computer  for  spyware,  which  can  range  from  registry  keys, 
cookies,  and  other  snoopware  and  loggers  installed  m  your 
system.  Remove  the  installed  spywares  and  cookies  using 
Spybot.  Of  course,  even  if  you  remove  these  snooping  programs 
from  your  computer,  there  is  no  guarantee  it  won't  come  back. 
Like  an  anti-virus  scanner,  schedule  daily  updates  and  scans  to 
keep  your  system  clean,  safe  and  up  to  date.  There  are  plenty  of 
new  snoopware  being  developed  on  a  daily  basis,  so  Spybot's 
easy  and  secure  updating  comes  in  handy.  Firewalls  are  most 
useful  for  denying  any  one  remote  access  into  your  computer. 
Also  see  the  section  on  keyloggers  for  effectively  combating 
snoopware  that  records  your  keystrokes. 
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Portable  Devices 

Portable  devices,  such  as  portable  hard  drives  and  thumb  drives 
are  a  very  common  entry  points  for  viruses  and  trojans.  A  stmt 
at  a  cybercafe,  or  using  your  portable  device  at  office  and  home 
is  very  likely  to  infect  your  computers.  There  are  a  few  simple 
steps  that  can  be  taken  to  protect  your  portable  drives  from 
common  Viruses  and  Trojans.  The  method  discussed  below  will 
work  even  if  the  account  on  the  computer  you  are  working  with 
does  not  have  administrator  privileges. 

5.1  Protect  External  data  from  Viruses  and 
Worms 

The  simplest  way  to  protect  your  portable  device  from  infection 
is  to  use  a  portable  antivirus.  The  most  robust  portable  antivirus 
solution  is  ClamWm,  an  open  source  anti-virus.  However, 
ClamWm  is  not  as  good  on  performance  and  detection  as  some 
of  its  commercial  counterparts.  You  will  have  to  download 
regular  updates,  to  make  sure  that  the  anti-virus  is  ready  to 
tackle  the  latest  threats.  Also,  ClamWin  does  not  include  any 
kind  of  on-access  scanning,  which  means  that  you  can  take 
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care  of  the  virus  problem  only  after  the  infection. 

The  portable  version  of  ClamWm  can  be  downloaded  from 
portableapps.com.  Once  the  installation  client  is  downloaded,  you 
will  have  to  connect  your  portable  drive  to  the  computer  You  will 
have  to  connect  an  external  hard  drive  or  other  portable  device  at 
this  point  to  the  computer.  Install  the  application,  and  select  the 
portable  location  for  installation.  The  application  won't  appear  in 
the  Program  Files  listing,  so  every  time  you  want  to  run  it,  you  have 
to  navigate  to  the  portable  device  using  Explorer,  and  manually 
click  on  the  ClamWinPortable.exe  file  to  start  ClamWin  up. 

The  first  time  you  start  ClamWm,  you  will  have  to  download 
and  install  the  virus  definitions.  These  help  ClamWin  stay 
up  to  date  with  the  latest  threats,  and  handle  them.  The  first 
time  this  is  done,  it  will  take  some  time,  depending  on  your 
internet  speed.  After  the  first  time  the  updates  are  downloaded, 
subsequent  definition  updates  take  comparatively  less  time. 
Also,  as  ClamWin  is  a  portable  software,  you  can  copy  and  paste 
the  ClamWin  folder  m  a  number  of  portable  locations,  after  the 
virus  definitions  have  been  updated. 

Click  on  scan,  and  select  the  device  you  want  to  scan.  This 
can  include  the  device  that  you  have  the  anti-virus  in,  or  the 
host  computer.  Scanning  will  take  some  time,  and  then  a  report 
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of  all  found  threats  will  be  posted  on  the  screen. 

There  is  a  simple  method  for  on-access  protection,  on  any 
location  with  access  to  the  internet.  This  however,  requires  you  to 
be  aware  of  the  standard  processes  that  run  on  the  host  computer 
There  is  a  tool  known  as  Process  Explorer  Process  Explorer,  is 
an  alternative  to  the  Windows  Task  Manager,  with  a  few  more 
nifty  features  thrown  in.  The  advantage  that  Process  Explorer  has 
over  Windows  Task  Manager  is  that  you  can  pause  troublesome 
processes  instead  of  halting  them.  Many  viruses,  Trojans  and 
worms  are  written  in  such  a  way  that  once  the  process  they  are 
running  is  closed  down,  they  are  immediately  restarted.  Process 
Explorer  merely  freezes  these  processes,  with  effect  that  they 
cannot  do  anything  harmful,  or  spread  to  other  devices. 

There  is  a  portable  version  of  Process  Explorer,  that  can 
be  taken  around  in  a  USB  drive.  Another  alternative  is  to  run 
Process  Explorer  live,  from  the  internet,  which  can  be  done  at 
http://live.svsinternals.com/procexp.exe. 

This  however  requires  a  fair  idea  of  the  harmful  processes 
that  you  have  to  watch  out  for  and  stop.  Just  head  over  to 
www.processlibrary.com,  and  you  will  get  a  good  idea  of  what 
processes  to  watch  out  for.  The  most  dangerous  processes  at  any 
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point  of  time  are  listed  on  the  front  page  itself.  You  can  search 
for  stispicious  processes,  and  find  out  why  they  are  running, 
and  what  they  are  doing  on  the  computer. 

Process  Library  also  offers  a  small  freeware  utility  that 
let's  you  scan  all  the  processes  running  on  the  computer 
for  potential  threats.  This  software  is  available  at  www. 
processlibrary.com/processscan.  Once  the  scan  is  completed, 
the  program  communicates  with  the  Process  Library  servers, 
and  throws  up  a 
HTML  page  with 
the  scan  results. 
Look  in  the 
recommendation 
column  for 
advice  on  what 
to  do.  If  you 
want  to  rid  the 
host  computer 
of  the  viruses  or 
worms,  you  will 
have  to  go  ahead 
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and  use  an  anti-virus.  However,  if  you  merely  want  to  safely 
use  your  portable  memory,  use  Process  Explorer  to  halt  the 
processes  that  were  alerted  by  the  process  scan,  and  proceed  by 
plugging  in  the  portable  storage  device. 

5.2  Securely  carry  personal  passwords 

There  is  a  concept  known  as  a  "life  password",  which  is  a 
common  tendency  amongst  computer  users.  Most  people 
use  the  same  password  for  all  the  websites  that  they  use, 
includmg  forums,  social  networking  sites,  image  hostmg 
sites  and  for  the  whole  host  of  services  that  Web  2.0  has  to 
offer.  This  is  actually  a  very  risky  thmg  to  do,  as  if  a  single 
site  gets  compromised,  or  you  are  misled  into  signing  up 
on  a  bogus  website,  all  your  accounts  are  compromised. 
Your  e-mail  account  is  a  step  away  from  your  financial 
details,  which  are  enough  to  scam  you.  Another,  marginally 
more  secure  approach  that  people  have  is  to  use  high- 
level  passwords  for  the  more  sensitive  sites,  and  low-level 
passwords  for  all  the  other  websites  that  they  frequent. 
This  too,  is  not  as  secure  as  having  a  different  password 
for  different  sites. 

The  total  number  of  passwords  a  modern  computer  user 
has  to  keep  track  of,  can  quickly  get  very  complicated  and 
hard  to  manage.  For  this  purpose,  people  use  a  password 
"safehouse",  such  as  KeyPass,  to  keep  their  passwords  secure 
and  available  at  any  point  of  time.  KeyPass  stores  all  the 
passwords  for  all  your  accounts  in  one  secure  location.  The 
passwords  are  stored  in  a  database,  for  retrieval  whenever 
necessary.  KeyPass  encrypts  the  files  with  the  passwords 
that  it  stores,  so  it  would  take  considerable  time  and  effort 
to  decrypt  the  password  file,  even  if  the  attacker  has  a  lot  of 
computer  resources  at  his  disposal.  It  is  possible  to  choose 
a  combination  of  protection  for  your  passwords,  that  all  the 
present  computing  power  allocated  to  cracking  the  encrypted 
text  file  for  the  rest  of  the  lifetime  of  the  universe  would 
not  be  able  to  crack  it.  KeyPass  is  very  secure,  but  the  users 
will  have  to  be  careful  of  two  things,  the  master  password 
to  access  the  password  database,  and  the  key  file,  if  the 
user  decides  to  make  one.  A  keyfile  is  a  block  of  randomly 
generated  data,  that  is  used  to  codify  the  passwords,  and  to 
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decode  them  when  they  are  to  be  retrieved. 

The  benehts  of  using  KeyPass  are  twofold.  Apart  from 
securely  storing  all  the  data  in  an  encrypted  database, 
KeyPass  can  be  used  to  enter  in  login  and  password 
information  automatically.  In  case  the  computer  you  are  using 
has  a  software  or  hardware  keylogger  installed,  to  monitor 
internet  usage  and  extract  login  details  for  accounts,  then 
KeyPass  is  very  effective  at  going  around  such  keyloggers.  In 
fact,  KeyPass  uses  a  process  called  obfuscation,  that  sends 
a  strong  of  random  characters  to  any  keylogger,  and  in  that 
sense  is  more  effective  than  using  a  virtual  keyboard. 

The  first  time  you  start  up  KeyPass,  you  will  have  to  set  it 
up  m  a  number  of  ways.  On  first  run  of  the  software,  you  will 
have  to  choose  two  key  aspects  of  your  security.  The  first  is  the 
master  password,  which  gives  you  access  to  all  the  passwords. 

The  longer  the  master  password,  the  harder  it  is  to  crack. 
Remember  that  a  lot  of  intrusion  occurs  from  people  the  victims 
know  of  in  real  life.  So  choose  something  that  people  who  know 
you  cannot  guess  as  being  your  password.  Also,  keep  its  length 
above  12  characters  at  least,  and  use  capitalisation,  numerals 
and  symbols.  Once  a  password  is  created,  KeyPass  throws  up 
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a  "strength"  of  the  password,  which  is  a  measure  of  how  tough 
the  password  is  to  crack  using  brute  force  methods.  Anything 
over  the  50  bit  strength  is  good  enough  for  most  purposes.  The 
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second,  is  the  keyfile.  A  keyfile  is  not  strictly  necessary,  but  is 
a  far  more  secure  way  of  encrypting  your  data  tfian  tfie  master 
password.  Say  your  master  password  is  even  20  characters  in 
length,  which  is  very  difficult  to  remember  and  very  long,  brute 
force  efforts  can  still  break  through  the  password.  "Brute  Force" 
or  "Dictionary"  approaches  to  password  cracking  use  every 
possible  combination  of  letters  and  numbers  to  get  in,  and  while 
time  consuming  and  laborious,  it  is  very  efficient.  This  is  where 
the  added  security  of  a  keyfile  comes  in. 

Keyfiles  use  incredibly  long  strings  of  random  data,  and  are 
tougher,  if  not  impossible,  to  crack  using  brute  force  methods. 

KeyPass  generates  the  key  file  for  you,  if  you  choose 
to  go  for  one.  There  are  two  methods  for  generating  the 
keyfile,  and  they  appear  side  by  side  in  one  window. 
The  option  on  the  right  allows  you  to  move  the  mouse 
randomly  over  a  field.  The  second  option  lets  you  key 
in  a  string  of  random  characters.  Both  these  approaches 
are  preferred  over  a  computer  approach  at  generating  a 
random  key,  because  computers  have  a  very  limited  ability 
at  generating  truly  random  data.  The  erratic  movements  of 
the  human  is  a  far  more  random  element,  and  therefore  a 
stronger  source  of  random  data  than  what  the  computer 
can  generate.  It  is  generally  preferable  to  use  the  mouse 
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movement  as  a  mode  of  input  rather  than  typing  out 
random  keys,  as  typing  out  random  keys  wont  be  as 
random  as  moving  the  mouse  in  a  random  fashion. 

Now  the  database  is  opened  up,  and  you  can  go  about 
adding  the  relevant  details.  Add  m  the  website,  the  account 
information,  and  the  login  details.  Enable  auto-type  for  the 
frequently  used  entries.  KeyPass  is  portable,  so  you  can  take 
these  settings  with  you  when  you  move  between  computers. 
When  you  enable  Auto-type,  a  warning  will  pop  up  that  Auto- 
type will  not  run  on  all  windows.  Auto-type  just  does  not 
work  in  some  very  obscure  scenarios,  such  as  when  a  user  is 
using  a  text  based  browser,  or  when  using  a  command  line 
interface.  However  it  is  unlikely  that  a  lay  user  will  run  into 
such  applications. 

While  enabling  Auto-type,  there  is  a  check  box  for  enabling 
obfuscation.  Obfuscation  is  the  feature  that  bamboozles 
keyloggers.  Targeted  programs  can  be  written  to  bypass  the 
obfuscation,  but  these  are  rare.  When  you  enable  obfuscation, 
a  prompt  will  appear  that  warns  you  that  obfuscation  does  not 
work  all  the  time,  this  is  for  the  command-line  scenario,  so  you 
can  ignore  it. 

5.3  Hide  and  password  protect  data 

TrueCrypt  is  an  excellent  free  encryption  software,  that  securely 
hides  away  data.  The  data  is  encrypted  using  strong  encryption 
algorithms  called  ciphers.  If  anyone  gains  access  to  the  data, 
they  will  not  be  able  to  open,  read  or  write  the  data.  For  all 
appearance,  it  is  just  a  garbage  file,  that  is  a  file  that  takes  up 
disc  space  without  serving  any  useful  purpose.  One  of  the  many 
approaches  that  TrueCrypt  has  to  securely  store  data,  is  to 
create  a  virtual  file  container.  This  creates  a  virtual  hard  drive, 
then  encrypts  it.  The  entire  drive  is  saved  as  a  single  file,  which 
is  something  like  an  expanding  image  file.  Once  you  give  in  the 
correct  password,  and  a  keyfile,  if  you  choose  to  use  one. 

Once  you  have  installed  TrueCrypt,  go  to  Volumes>Create 
New  Volume.  The  TrueCrypt  Volume  Creation  Wizard  opens 
up.  There  are  three  choices  available,  choose  the  first  one.  This 
is  "Create  an  encrypted  file  container".  The  description  suggests 
this  for  new  and  inexperienced  users,  because  this  option 
will  not  mess  up  your  operating  system,  or  any  other  drive  if 
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something  goes  wrong.  Select  this  option,  and  chck  on  Next. 

There  are  two  options  available  m  the  next  step.  The  Erst 
option  is  a  standard  TrueCrypt  volume,  the  second  option  is 
a  hidden  TrueCrypt  volume.  The  standard  TrueCrypt  volume 
should  be  the  choice  for  most  users.  The  standard  TrueCrypt 
volume  is  also  hidden,  and  encrypted,  but  the  hidden 
TrueCrypt  volume  offers  another  layer  of  mpenetrability.  In 
case,  for  any  reason,  someone  comes  to  know  that  you  have 
hidden  data  in  a  virtual  container,  and  you  are  forced  to  reveal 
the  password  and  the  passkey  to  the  person,  then  the  hidden 
TrueCrypt  volume  will  come  to  your  rescue.  What  this  does 
is  create  two  hidden  volumes,  a  fake  one  and  a  real  one.  The 
user  will  have  to  convincingly  hide  sensitive  looking  data  in  the 
fake  hidden  volume,  so  that  the  user  can  show  this  data  when 
forced.  However,  for  most  users,  the  standard  TrueCrypt  volume 
is  good  enough. 

Click  on  Next.  In  this  dialogue  box,  you  will  have  to  choose 
a  file.  You  need  a  path  for  the  file,  but  the  prompt  is  designed  in 
a  slightly  confusing  way.  You  will  have  to  navigate  to  a  particular 
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file  and  select  it.  An  easy  way  to  do  this  is  create  a  blank  text 
file  and  select  it.  The  encrypted  voltime  can  have  any  extension, 
so  you  can  hide  the  file  in  plain  sight,  and  people  won't  know 
what  it  is.  Some  extensions  are  prompted  as  being  problematic, 
including  .dll,  .exe,  .bat  and  a  few  other  system  related 
extensions.  Even  if  you  use  these  extensions,  by  and  large,  there 
should  not  be  any  major  problems. 

The  next  step  is  to  select  an  encryption  algorithm.  This  is 
known  as  a  cipher.  A  cipher  is  used  to  encrypt  and  decrypt 
files.  This  process  is  related  to  the  password  and  the  keyfile,  so 
another  decrypter  cannot  decode  the  files  if  the  password  is  not 
known.  The  encryption  algorithms  are  very  strong,  and  used 
by  governments  and  the  military  worldwide.  The  AES  is  the 
encryption  standard,  serpant  was  a  close  contender  to  becoming 
the  encryption  standard,  and  twofish  is  based  on  blowfish, 
which  was  an  old  encryption  standard.  You  can  choose  any  of 
these  encryption  methods,  or  a  combination  of  the  two.  AES 
is  considered  to  be  the  best  compromise  between  speed  of 
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encryption/decryption  and  strength  of  the  encryption. 

The  next  step  is  to  choose  a  size  for  the  container.  It  is 
possible  to  choose  a  dynamically  expanding  container.  This 
means  that  the  size  of  the  container  increases  as  and  when  you 
put  data  into  it.  The  more  secure,  and  less  suspicious  way  is  to 
create  a  fixed  size  container.  The  prompt  allows  you  to  specify 
the  size  of  the  container  in  KB,  MB  or  GB.  Note  that  you  can 
move  the  container  to  other  locations  later  on,  just  copy  and 
paste  the  file.  For  now,  select  a  size  and  click  on  next. 

The  next  step  is  to  create  a  password.  A  password  of  around 
ten  characters  should  be  good  enough  for  any  lay  user.  Users 
can  additionally,  choose  to  add  keyfiles.  A  keyfile  can  be  any 
file  that  the  user  wants.  Once  generated  or  selected,  a  keyfile  is 
necessary  for  opening  the  document.  You  can  choose  any  file  as 
the  keyfile,  or  create  your  own  by  using  an  image  file  or  a  text 
file.  Without  the  keyfile,  you  wont  be  able  to  access  your  data, 
so  keep  it  carefully. 

The  next  step  is  to  format  the  volume.  This  allocates  a 
virtual  file  system  for  the  volume  you  are  creating,  without 
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affecting  tfie  file  system  of  tfie  volume  you  are  storing  the  file 
on.  This  just  dictates  the  behaviour  of  the  location  within  the 
virtual  drive,  where  your  data  is  going  to  be  stored.  The  location 
has  to  be  formatted  in  accordance  with  the  selected  drive 
format,  so  this  will  take  some  time. 

That  is  it,  your  volume  will  now  be  created.  To  create 
another  virtual  volume,  click  on  next.  Otherwise,  click  on 
Exit.  Now,  TrueCrypt  is  necessary  to  mount  the  volume.  What 
mounting  the  volume  does  is  emulate  the  file  as  a  drive  partition 
on  your  system.  Select  one  of  the  free  mount  points  available 
in  the  main  menu.  These  will  be  a  list  of  the  alphabets  not 
already  used  by  drives  on  your  system.  Then,  select  the  file  that 
you  used  as  the  container  for  the  virtual  volume,  and  click  on 
Mount.  You  will  be  prompted  for  the  password  and  the  keyfile, 
if  you  chose  to  use  one.  Once  these  are  entered,  your  encrypted 
and  hidden  volume  is  mounted  as  a  drive  on  your  system,  and 
you  can  copy  and  paste  data  in  and  out  of  it,  or  work  on  it 
directly. 

You  can  also  carry  around  the  file,  along  with  TrueCrypt, 
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and  use  the  same  container  on  multiple  locations.  Save  the 
container  on  a  portable  device,  and  you  have  a  portable 
encrypted  location  for  storing  your  data  securely. 

5.4  Password  protect  drive  access 

TrueCrypt  can  also  be  used  to  password  protect  drive  access. 
This  can  either  be  portable  drives,  or  the  drives  on  a  machine. 
Well  be  first  detailing  how  to  completely  encrypt  a  portable 
drive.  The  drive  will  detect  on  all  systems,  but  will  display  as 
being  unformatted.  To  read  or  write  in  the  drive,  you  will  have 
to  mount  It  on  another  mount  point  in  the  system,  then  enter 
the  password.  That  is,  if  the  portable  drive  is  allocated  the 
drive  letter  G  by  the  system,  you  will  have  to  mount  it  using 
TrueCrypt  to  drive  letter  H  to  be  able  to  write  and  read  from 
it.  Before  encrypting  the  drive,  copy  all  the  data  to  another 
location.  Although  TrueCrypt  can  keep  the  data  on  the  drive, 
this  is  a  longer  process.  The  data  is  moved  around,  the  drive  is 
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Encrypting  a  non-system  partition 

encrypted,  and  the  data  is  moved  back  in.  This  is  faster  if  the 
user  does  it.  We  will  be  showing  a  method  that  deletes  all  the 
data  in  the  drive,  as  it  is  considerably  faster  and  more  practical. 
Go  to  Volumes>Create  New  Volume  in  TrueCrypt.  Select  the 
second  option.  Encrypt  a  non  system  partition/ drive.  Then  click 
on  Next. 

Select  the  Standard  TrueCrypt  volume  as  the  volume  type. 
Then  select  a  partition  or  device.  In  this  step,  you  can  either 
choose  an  external  drive,  or  a  drive  where  the  operating  system 
you  are  running  is  not  located.  On  most  systems,  this  means 
everything  but  the  C  drive  is  ok  to  go.  Here,  we  are  encrypting  a 
thumb  drive. 

Click  on  Next.  Then  select  a  creation  Mode.  To  save  time  and 
resources,  choose  Create  Encrypted  volume  and  format  it.  Then 
click  on  next.  The  encrypt  partition  in  place  should  be  used 
only  when  you  have  nowhere  else  to  transfer  the  data  to.  In 
that  case,  it's  a  good  idea  to  leave  the  operation  overnight,  and 
is  a  little  risky  as  you  have  to  ensure  that  the  power  is  supplied 
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Next,  select  an  encryption  algorithm,  and  click  next.  You 
will  be  prompted  about  the  imminent  loss  of  all  data  on  your 
drive.  Agree,  and  continue.  That  is  it,  whether  this  is  an  external 
drive,  or  a  non-system  partition,  you  will  have  to  mount  it  using 
the  password  and  TrueCrypt,  before  it  shows  up  in  the  list  of 
drives  on  the  system. 

TrueCrypt  can  also  be  used  to  encrypt  a  system  volume, 
which  is  the  partition  of  the  hard  drive  where  the  operating 
system  is  located.  Doing  this  is  a  little  risky,  because  if  you  forget 
the  password,  you  won't  be  able  to  boot  up  your  machine.  Go  to 
Volume>Create  New  Volume,  and  select  the  third  option,  which 
is  "Encrypt  the  system  partition  or  entire  system  drive".  Choose 
"Normal"  as  against  "Hidden".  The  "Hidden"  option  creates  a 
fake  encrypted  Operating  System.  There  will  be  two  hidden  and 
encrypted  Operating  System  on  the  system,  and  you  can  reveal 
one  of  these  under  force. 
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Now  there  are  two  options.  The  first  option  allows  you  to 
encrypt  just  the  partition  of  the  hard  drive  where  the  operating 
system  is  located.  The  second  option  allows  you  to  encrypt  not 
just  the  partition  where  the  operating  system  is  located,  but 
all  the  partitions  on  the  drive  where  the  operating  system  is 
located.  There  is  no  option  to  encrypt  all  the  drives  m  the  hard 
disk,  because  this  can  be  done  through  the  Operating  System 
later  on.  TrueCrypt  does  this  by  installing  a  small  bootloader  in 
the  hard  drive,  which  requires  the  password  to  be  entered  before 
the  Operating  System  boots  up.  Click  on  Next. 

The  next  Window  gives  users  a  choice  on  encrypting  the 
host  protected  area  of  the  Operating  System.  This  is  usually 
where  the  backup  data  is  located,  or  some  such  functionality 
in  Laptops  and  on  some  Desktops.  The  safest  option  here  is  to 
select  No. 

The  next  screen  is  for  advanced  users.  Most  users  can 
select  single  boot.  However,  if  your  machine  has  more  than 
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one  operating  system  installed,  select  Multi-boot.  TrueCrypt  is 
cross  platform,  so  the  same  method  can  be  used  from  a  Linux 
Operating  System  to  encrypt  and  password  protect  a  Windows 
installation  on  the  same  machine.  Note  that,  in  case  of  multi- 
boot,  the  other  Operating  System  need  not  be  located  on  the 
same  hard  drive  as  the  one  being  encrypted,  this  option  is  just 
so  that  the  TrueCrypt  bootloader  is  configured  correctly. 

The  next  step  is  to  choose  the  encryption  algorithm.  Choose 
an  cipher,  and  click  on  Next.  Then,  key  in  a  password.  If  you 
choose  to  use  a  keyfile  at  this  point  of  time,  the  keyfile  will  have 
to  be  selected  before  system  load  from  an  external  device.  This 
means  that  every  time  the  Operating  System  has  to  be  booted, 
there  has  to  be  a  USB  drive  plugged  in  to  the  system.  This  is 
very  secure,  but  if  you  lose  the  keyfile,  you  will  lose  access  to 
your  data  as  well. 

The  next  step  generates  encryption  keys  using  random 
data.  Just  move  the  mouse  randomly  for  some  time,  and  click 
on  next.  The  next  window  allows  you  to  create  a  rescue  disc  in 
case  you  lose  your  keyfile.  This  operation  basically  allows  you  to 
restore  the  system  to  the  current  state.  This  is  necessary  in  case 
your  keyfile  gets  corrupt,  the  bootloader  gets  corrupt,  or  the 
Windows  installation  becomes  unusable  or  infected  by  malware. 
The  rescue  disc  is  an  iso  image  that  must  be  burned  on,  which 
is  a  bootable  disk.  Burn  the  iso  image  before  proceeding  with 
the  encryption.  Don't  burn  the  image  on  the  DVD  itself,  but 
burn  the  files  inside  the  iso,  that  is  open  the  iso  file  using  a 
DVD  burning  software,  and  proceed. 

You  will  have  to  burn  the  disc,  put  it  in  the  tray,  and  click  on 
Customize  the  bootloader.  Click  on  Next. 

You  get  to  customize  the  bootloader  now.  Enter  some  text 
for  the  password  prompt.  This  can  be  anything  that  you  prefer. 
Click  on  Next,  and  the  encryption  process  starts.  This  will  take 
some  time.  The  next  time  you  boot  the  operating  system,  you 
will  be  prompted  for  a  password. 

5.5  Securely  format  drives 

Sometimes,  it  is  important  to  delete  data.  This  can  range  from 
sensitive  documents  to  keyfiles.  The  ability  to  erase  securely 
is  more  important  when  using  public  computers,  or  shared 
computers.  Also,  if  you  are  selling  away  old  hard  disks,  it  is 
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very  important  to  securely  format  such  drives.  There  have  been 
many  cases  of  data  thefts  recovering  sensitive  materials  from 
hard  drives  sold  off  in  auctions.  Deleting  the  data  from  the 
recycle  bin  is  not  enough,  or  using  shift+delete  does  not  really 
delete  the  data.  What  these  operations  do  is  remove  the  index 
of  the  particular  files  from  the  index.  A  file  recovery  tool,  as 
demonstrated  above,  can  recover  files  from  such  drives.  The 
data  will  remain  in  the  hard  drive  for  long  periods  of  time, 
especially  if  the  files  are  small  in  size. 

Software  for  securely  deleting  data  are  available.  These 
software  delete  the  file  from  the  index,  as  well  as  replace  the 
actual  data  on  the  drive  with  pseudorandom  data.  The  physical 
location  of  the  data  on  the  disk  is  overwritten,  so  the  chances 
of  recovering  the  data  is  greatly  reduced.  We  will  be  showing 
how  to  use  two  free  programs  for  deleting  data,  but  there  are 
more  available.  These  are  both  freeware.  FreeCommander  is  an 
alternative  to  Windows  Explorer,  and  has  a  number  of  extra 
features.  FreeCommander  securely  deletes  data  quickly  and 
easily  Eraser  is  another  application,  and  it  can  be  configured  to 
overwrite  the  data  many  times  over.  Eraser  is  the  more  secure 
and  robust  file  shredding  application,  but  is  also  far  more  time 
consuming  because  of  the  numerous  overwrite  runs  required. 

Free  Commander  is  a  free  file  browser  that  makes  exploring 
the  file  system  easier.  Folders  show  up  with  sizes,  and  there  is 
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a  dual  pane  interface  that  makes  moving  data  around  a  breeze. 
To  securely  delete  data,  select  the  files  or  folders,  then  go  to 
File>Wipe. 

Free  Commander  offers  upto  10  overwrite  runs.  Each 
"run"  involves  rewriting  the  area  where  the  data  was  stored 
with  random  data.  The  more  the  runs,  the  more  irrecoverable 
the  data  becomes.  However,  if  you  have  deleted  data,  without 
wiping  it,  then  it  can  be  recoverable  by  a  file  recovery  software. 
Free  Commander  has  no  function  to  erase  the  empty  hard  disk 
space,  and  rewrite  the  empty  information. 

This  is  where  Eraser  steps  m.  Eraser  is  a  deceptively  simple 
looking  program.  Eraser  can  securely  delete  the  data  even  in 
the  free  space  section  of  the  hard  drive,  where  data  exists,  but 
is  not  indexed.  Go  to  File  and  add  tasks  to  add  the  parts  of  the 
hard  disk  that  has  to  be  erased.  The  user  can  add  empty  hard 
disk  space,  specific  folders,  or  individual  files.  Each  operation 
is  called  a  task,  and  any  number  of  tasks  can  be  added  to  a  list 
known  as  the  task  list.  Eraser  goes  through  the  task  list,  erasing 
the  identified  data  one  at  a  time. 

At  each  instance  of  an  erasing  operation,  there  are  a  whole 
range  of  secure  deletion  options  available  to  the  user.  There  are 
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Creating  a  custom  pass  pattern 


a  few  default  patterns  in  wliidi  tlie  erasing  occurs,  but  this  can 
be  entirely  tweaked  by  the  user.  The  most  secure  default  pattern 
offered  by  the  program  is  the  Gatmunn  method,  which  involves 
thirty  five  passes. 

This  is  more  than  anyone  really  requires.  However,  to  give 
yourself  the  illusion  of  extra  security,  and  more  importantly, 
peace  of  mind,  you  can  choose  to  create  your  own  erase/ 
overwrite  patterns.  Click  on  new  to  create  your  own  pattern. 
You  can  specify  an  unlimited  number  of  passes,  and  define  what 
kind  of  data  is  used  to  overwrite  the  file  or  empty  space  m  each 
of  these  passes.  A  pattern  overwrite  uses  a  specified  pattern,  and 
the  pseudorandom  data  overwrites  with  random  characters.  We 
specified  an  operation  which  implements  101  passes. 

Note  here,  that  the  more  passes  you  specify,  the  more  is 
the  time  taken.  Overwriting  files  and  folders  is  a  relatively 
fast  operation,  compared  to  rewriting  all  the  empty  space  m 
a  hard  disk.  Even  a  10  passes  operation  will  take  a  long  time 
when  it  comes  to  clearing  hard  disks  with  a  lot  of  empty 
space.  Also  note  that  two  or  more  identical  passes,  following 
the  same  pattern  (say  all  zeroes)  is  the  same  as  one  pass  with 
that  pattern.  Either  alternate  the  pattern,  or  sandwich  patterns 
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between  two  pseudorandom  data  passes.  Deleting  all  the 
existing  data  m  the  hard  drive,  then  erasing  all  the  empty  space 
using  Eraser  will  securely  delete  all  the  data  on  your  hard  drive. 
Now  even  specialists  cannot  recover  the  data  easily  from  your 
hard  disk.  It  is  safe  to  sell  or  dispose  hard  disks  only  after  you 
have  securely  deleted  all  the  data  on  the  drive. 
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6  Mobile  phones 

In  this  wireless  and  busy  world,  mobile  phones  can't  be  left  far 
behind  m  the  war  of  viruses  and  counter  measures.  Gone  are  the  j 
days  when  mobile  were  used  only  for  placing  calls  and  messaging.  p 
Todays'  mobile  phones  are  used  to  do  everything  from  calling,  a 
messagmg,  blogging,  browsing,  transferring  files  by  means  of  C 
Bluetooth  and  MMS.  "With  cellular  mobility  and  handhelds 
evolving  by  the  months,  and  their  increasing  resemblance  to 
computing  devices,  they  are  getting  increasingly  vulnerable  to 
attacks  and  infringement  of  our  privacy. 

Every  time  you  connect  your  phone  to  the  computer  to  transfer 
images  or  share  your  contact  list,  you  are  just  opening  up  yourself  e 
to  a  host  of  malicious  coding  out  there  aimed  solely  at  causing  C 
harm  to  your  device.  Also,  the  next  time  you  are  in  a  public  place  ^ 
and  are  sharing  files  over  Bluetooth  make  sure  you  pair  up  with  " 
trustworthy  devices.  This  could  save  you  a  lot  of  pain  in  the  literal  ^ 
sense.  Read  on  more  to  find  out  remedies  m  case  you  happen  to  y 
be  infected.  Even  if  you  aren't,  you'll  get  to  know  of  some  helpful 
remedial  steps  to  prevent  such  events. 

6.1  Password  protect  phone  access 

Password  protection  is  not  a  new  feature  in  cellular  phones.  This 
is  among  those  rarely  used  functions  available  in  most  handsets. 
All  phones  have  this  one  function  to  set  a  password  to  your  phone 
to  prevent  misuse.  However,  we  do  warn  that  you  still  need  to 
monitor  your  phone  and  not  leave  it  to  unauthorised  use.  "While 
going  through  the  functions  in  your  phone,  you'll  come  across 
two  security  codes  -  PIN  and  PIN2.  These  are  two  codes  which 
are  generally  4  digits  wide,  but  can  go  up  to  8  digits.  PIN  is  used 
to  prevent  unauthorised  access  to  your  cell  phone.  Normally,  most 
OEMs  set  these  to  default  values  of  1234  and  12345,  respectively. 
You  or  the  handset  user  would  be  prompted  to  key  in  the  PIN  on 
accessing  keypad. 

Similarly,  in  order  to  access  the  priority  numbers  m  the  phone, 
there  is  another  PIN2  that  you  need  to  key  in.  As  a  protective 
measure,  the  phone  gives  you  just  three  chances  at  entering  the 
correct  PIN.  So  be  sure,  don't  take  your  password  lightly.  If  you 
don't  get  the  code  right  on  the  third  try,  the  subscriber  identity 
module  (SIM)  card  gets  locked.  Once  your  SIM  card  is  locked,  you 
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need  to  contact  your  cellular  operator  and  request  a  PIN  unlocking 
key  (PUK).  Your  operator  would  provide  this  code  after  you  verify 
your  identification  and  provide  them  with  your  international 
mobile  subscriber  identity  (IMSI)  number.  You  can  get  your  IMSI 
by  referring  to  your  SIM  card.  It's  the  15-digit  number  printed  on 
your  SIM. 

By  taking  this  single  precautionary  step,  you  would  save  any 
fidgety  and  inquisitive  person  from  getting  hold  of  your  personal 
information.  For  increased  security,  you  can  install  third-party 
applications  to  prevent  unauthorised  access  to  your  phone. 
However  the  choice  depends  on  how  critical  the  information  on 
your  phone  is.  Else,  increasing  the  number  of  applications  on  your 
handset  would  just  eat  into  the  processor  causing  a  slowdown  in 
its  operation.  Practically,  one,  or  at  the  most  two  levels  of  security  is 
more  than  sufficient.  Depending  on  what  you  want  to  keep  away, 
you  can  use  either  of  the  solutions  mentioned  in  the  following 
sections. 

6.2  Hide  photos  and  videos 

Our  phones  give 
insights  into  our 
deepest  secrets.  It 
has  our  contacts 
in  addition  to  our 
personal  messages. 
With  the  advent  of 
cameras  and  memory 
cards  in  mobile 
phones,  it  also  has 
our  personal  and 
intimate  moments 
captured.  This  not 
only  requires  us  to 
be  more  responsible 
for  ourselves,  but 
for  all  those  who 
stay  captured  on  our 
handsets.  This  further 
increases  the  need  to 
ensure  the  photos  and 
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Bulambod  lets  you  encrypt  and  decrypt  file" 
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videos  that  we  have  captured  and  stored  on  our  mobile  phones 
don't  fall  into  the  wrong  hands. 

Multimedia  content  is  in  no  way  different.  One  way  of  hiding 
these  files  from  external  access  is  by  disabling  their  ability  to  be 
played  by  the  phone's 
multimedia  player. 
The  easiest  way  to  do 
this  is  to  remove  the 
file  associations  by 
renaming  the  file  on 
the  memory  stick.  This 
way,  although  you  still 
have  your  images  and 
videos  with  you,  any 
unknown  anonymous 
person  cannot  view 
them  while  you  are 
away. 

Another 
promising  application 
is  Bulambod.  The 
creator  claims  it  is  an 
unbreakable  cipher 
In  cryptography 
terminologies,  a  cipher 
is  an  algorithm  that 
performs  encryption 

and  decryption  operations  on  any  given  information  or  data. 

Simply  put,  a  cipher  is  the  code  used  to  encode  and  then 
eventually  decode  the  message.  All  you  need  to  do  is  select  a  file 
that  you  need  to  encrypt,  enter  your  password  and  Bulambod  will 
do  the  rest.  Decryption  is  also  easy.  There  is  no  limit  on  the  length 
of  the  password  that  you  can  use  and  so  it  is  difficult  to  crack. 

You  can  download  this  application  at  http://handheld.softpedia. 
com/get/Security/Encryption/Bulambod-70808.shtml. 

If  all  you  want  to  do  is  encrypt  your  photos,  you  can  also  use 
PictureEncryp  ter 

Download  PictureEncrypter  at  http://handheld.softpedia.com/get/ 
Security/Encryptlon/PictureEncrypterer-61052.shtml.  This  application 
lets  you  ZIP  your  images  and  assign  a  password  to  it.  To  view  your 
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With  PictureEncrypter  you  can  assign 
passwords  to  your  pictures 
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image,  all  you  need  to  do  is 
type  the  password  and  it  will 
let  you  zoom  into  your  image. 

6.3  Hide  and  pass- 
word protect  access 
to  messages 

A  mobile  phone  is  meant 
for  placing  voice  calls  and 
messaging.  With  these  two 
functions  secure,  you  can 
be  assured  that  your  phone 
cannot  be  misused.  For  this, 
you  can  use  Private  Call  and 
SMS  guard.  You  can  find  this 
application  at  http://www. 
getjar.com/products/7250/ 
PrivateCallandSmsGuard. 

This  application  gives  you  the  best  of  most  call  and  SMS 
applications.  It  lets  you  personalise  your  phone  by  assigning  rules 
to  calls.  You  can  individually  set  rules  to  accept  or  reject  calls  your 
contacts.  This  way  you  don't  have  to  bother  of  whose  call  to  accept 
and  whose  to  reject.  You  only  receive  calls  from  people  you  are 
comfortable  with!  It  also  lets  you  set  up  a  blacklist  of  numbers  you 
don't  wish  to  receive  calls  from. 

Similar  to  calls,  it  also  lets  you  set  rules  for  messages.  You  can 
create  a  blacklist  of  numbers.  Any  message  from  a  number  on  this 
list  IS  automatically  blocked. 

6.4  Hide  contact  list 

These  days,  mobile  phones  are  indispensable  companions.  We  find 
it  difficult  to  do  away  with  them.  Nevertheless,  it  holds  personal 
details  and  contacts  to  such  an  extent  that  it  deserves  the  attention 
it  gets  from  us.  In  fact,  there's  software  aimed  at  protecting  all  the 
information  in  there. 

On  such  application  is  Hidden  Contacts  by  Tektronic  SRL.  You 
can  download  this  application  at  http://tektronic.ro/productdet. 

aspx?prodid=12.  With  this  application  loaded,  you  can  assign  a 
password  to  select  contacts  on  your  list.  For  example,  if  you  have 
some  critical  contacts  that  you  wish  to  keep  as  a  closely  guarded 
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secret,  this  application  is  for  you.  Not  only  does  it  hide  the  contact 
and  other  details  in  the  list,  it  also  sends  the  messages  directly  to 
the  contact  without  having  the  message  stored  in  the  default  sent 
items  folder  of  your  phone. 

Additionally  this  application  lets  you  lock  the  call  log  function 
of  the  phone.  Not  only  will  no  one  else  know  what  you  messaged 
your  secret  contacts,  they  won't  even  know  if  you  called  them.  This 
ensures  you  and  your  contact  of  privacy. 

6.5  Anti-virus  for  mobile  devices 

The  rules  for  virus  protection  are  more  or  less  similar  to  those  that 
hold  true  for  PCs.  Popular  PC  anti  virus  names  also  have  solutions 
for  mobile  phones.  Among  them  the  most  popular  are  F-Secure. 
You  can  access  this  at  mobile.f-secure.com.  Once  you  click  on  this 
link,  you  need  to  select  the  phone  you  use  and  then  download 
the  appropriate  file.  You  will  find  the  experience  familiar  with  it 
downloadmg  the  virus  database  the  first  time. 

F-Secure  is  an  all-in-one  suite  and  serves  as  an  anti-theft 
application,  anti-spyware  and  firewall  m  addition  to  being  an  anti 
virus.  Click  on  the  link  that  says  try  on  the  bottom  right  of  the 
home  page  and  you  will  be  asked  to  register  yourself  Fill  in  your 
name,  country  and  email  address.  That  is  all  the  information  they 
require  of  you.  A  download  link  is  promptly  sent  to  your  email 
address.  F-Secure  also  lets  you  run  a  real-time  scan  of  your  mobile. 
If  it  finds  a  virus  in  real  time,  it  will  prompt  you.  You  can  choose 
between  viewing  the  file  or  deleting  it. 

Another  popular  mobile  anti-virus  is  Kaspersky  Labs'  mobile 
solutions.  You  can  download  the  application  at  www.kaspersl<v.com/ 
mobile_downioads. 

6.6  Disable  password  saving  on  WAP  and  GPRS 

Similar  to  browsing  on  a  public  computer,  the  same  holds  true  for 
your  mobile  phone.  It  is  definitely  not  difficult  for  someone  to  gain 
physical  access  to  your  handset  while  you  are  away  and  get  to  your 
inbox  simply  because  you  saved  passwords  to  reduce  the  need 
for  some  extra  key  pressing.  When  using  your  phone's  browser 
for  browsing  or  using  any  popular  mobile  browser  such  as  Opera 
Mini,  we  are  often  tempted  to  save  our  password,  as  it  makes  it  so 
convenient  to  browse.  All  you  need  to  do  is  initialise  the  application 
and  you  are  ready. 
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This  also  has  a  downside  to  it.  Hence,  we  should  be  cautious 


'       and  it  is  wise  to  enter  your  password  each  time  you  browse. 

^     6.7  Encrypt  messages 

P       Blender  xxTea  edition 

A       You  can  use  for  encrypting  your  messages  and  any  other 
C        mformation  is  Blender.  You  can  download  Blender  at  http:// 
K  handheld.softpedla.com/progDownload/Blender-XXTea-Edition-Download- 
70031.html.  With  Blender,  all  you  need  to  do  is  store  your  messages 
'''       like  you  normally  do. 

All  you  need  to  do  is  store  your  data  normally  in  the  places 
5       you  do.  So  be  it  your  messages,  Notes,  tasks  or  Contacts,  you  can 
E       encrypt  them  using  Blender  Send  this  encrypted  data  over  email 
C       or  send  it  as  a  file  or  your  recipient  as  a  message  who  can  decrypt 
U       It  using  Blender  so  that  only  the  two  of  you  can  understand  the 
"       message.  Since  Blender  can  be  used  even  on  a  web  page,  you  do 
I       not  need  your  mobile  phone  to  decode  or  read  the  messages.  All 
Y       that  is  needed  is  the  same  cipher. 

However,  with  Blender  you  cannot  encrypt  short  messages 
such  as  short  PIN  numbers  because  Blender  does  not  encrypt 
messages  with  a  character  length  of  4  characters  of  less. 


As  if  spam  in  our  emails  were  not  enough,  that  we  needed  spam  on 
our  mobiles  too!  But  then,  it's  all  about  business  and  everyone  out 
there  wants  to  earn  a  quick  buck.  The  result  -  we,  the  victims  of 
spam.  It's  high  time  we  took  control  of  the  situation.  We  could  also 
help  our  friends  and  family  out  of  the  menace. 

One  application  that  is  effective  m  arresting  SMS  spam  is 
SMS  Spam  Manager  You  can  access  this  application  at  http://www. 
webgate.bg/products/ssm/.  Once  you  download  SMS  Spam  Manager, 
you  need  to  configure  it  by  setting  the  filters  for  blocking  spam. 
There  are  six  rules  for  this.  This  way  you  are  able  to  filter  all  your 
incoming  text  messages.  The  first  three  rules  are  general  -  Accept 
all,  block  all,  and  Accept  phonebook  only. 

Accordingly,  all  messages  are  allowed  when  you  select  Accept 
all.  In  this  case,  the  filters  are  inactive  and  they  do  not  monitor  the 
messages  you  receive.  In  case  of  Block  all,  again  it  is  similar  Spam 
Manager  will  not  monitor  the  messages  in  any  way,  but  rather 
block  all  messages.  The  safest  filter,  however  is  the  third  case  where 
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only  messages  from  contacts  in  your  Phonebook  are  allowed  to  * 
pass  through.  This  way  you  are  assured  that  you  receive  messages  ^ 
only  from  known  people.  ''' 

The  remainmg  three  filters  in  SMS  Spam  Manager  are  worth  j 
noting,  because  these  are  what  effectively  fight  the  spam  menace.  p 
You  can  block  messages  on  the  basis  of  telephone  number,  a 
prefiK  number  or  text  match.  This  is  really  effective.  No  longer  C 
would  those  messages  from  those  short  code  special  numbers  go  ^ 
undetected.  All  we  used  to  see  was  some  number  as  45678  and 
there  was  nothing  we  could  do.  With  Spam  Manager,  this  number  J 
IS  detected  and  automatically  blocked. 

However,  there  is  a  catch  to  it.  For  example,  your  cellular  5 
operator  keeps  sending  you  offers  for  services  in  astrology  and  e 
also  those  love  and  beauty  tips.  You're  probably  disgusted  with  C 
them,  but  you  don't  want  to  miss  out  on  your  bill  status.  All  these  ^ 
messages  probably  originate  at  the  same  number  Therefore,  " 
blocking  out  that  number  wouldn't  be  a  wise  decision  after  all.  All  ^ 
you  need  to  do  is  type  in  the  phrase  that  typically  appears  in  the  y 
spam  messages.  So,  "know  what  your  stars  say"  or  "Special  love 
tips"  or  "lose  5  kgs  in  a  week"  could  reduce  your  agony  drastically, 
if  not  put  an  end  to  it! 

Finally,  nothing  is  lost.  Similar  to  a  spam  folder  m  your  mailbox 
where  you  can  occasionally  go  and  check  if  you  have  lost  any  mail, 
you  can  check  to  see  if  any  message  has  been  wrongly  filtered  out 
as  spam  and  restore  them  to  your  inbox. 


Phone  theft  is  rising  by  the  day.  We  have  heard  of  all  kinds  of 
technologies  being  implemented  by  cellular  manufacturers  these 
days  to  ensure  that  you  would  be  able  to  recover  your  handset  in 
the  event  of  theft.  But  what  if  your  handset  is  not  equipped  with 
such  technology?  You  should  not  be  left  behind.  Phone  Guardian 
was  aimed  at  such  users.  You  can  download  Phone  Guardian  v3.0 
at  http://www.filGcluster.com/downloads/Phone-Guardian.html.  This 
application  works  by  auto  locking  your  phone  in  case  it  is  stolen. 
To  do  this,  you  need  to  send  a  lock  SMS. 

Phone  Guardian  decodes  the  message  and  understands  that 
your  phone  is  not  in  your  possession  any  more  and  automatically 
locks  your  phone.  This  prevents  abuse  of  your  personal 
information.  Whoever  recovers  the  phone  will  only  be  able  to  use 
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A  any  function  of  the  phone  unless  they  know  the  correct  password. 

5  So  beware,  do  not  commit  the  blunder  of  forgetting  your  password 

'''  -  you  will  not  be  able  to  uninstall  Phone  Guardian  after  it  gets 

J  locked. 

P  In  the  latest  version  of  Phone  Guardian,  there  are  so  new 

A  features  that  further  increase  security.  It  has  a  new  GPS  tracking 

C  option,  whereby  you  can  remotely  track  your  phone  by  controlling 

K  the  GPS  module  by  sending  text  messages  to  your  phone. 

^       Xpress  alarm 

Another  application  aimed  at  preventing  mobile  phone  theft  is 
5       Xpress  alarm.  With  this,  all  you  need  to  do  is  keep  your  phone 
E       in  your  pocket.  The  moment  your  phone  is  outside  the  pocket,  it 
C       sounds  an  alarm.  You  can  dowload  Xpress  alarm  at  http://handheld. 
U  softpedia.com/progDownload/XpressAlarm-Download-77817.html. 
"  Despite  all  the  applications  available  here,  nothing  is  more 

I       effective  than  being  responsible.  Taking  ownership  of  your 
Y       phone  comes  before  everything  else.  With  every  development  in 

technology,  there  are  counter  measures  being  developed  all  the 

time.  For  every  password  encrypter,  there  is  a  decrypter  being 

developed. 

Also,  we  would  like  to  stress  on  the  need  to  use  original 
software.  In  the  applications  we  have  mentioned,  some  do  provide 
advanced  functionalities  on  registering  and  paying  a  fee.  If  you 
really  need  these  functions,  you  should  consider  purchasing  the 
original  software  rather  than  using  pirated  versions  or  opting  for  a 
cracked  version.  On  second  thoughts,  we  should  not  feel  the  pinch 
if  our  mobile  phones  are  stolen  if  we  use  pirated  software  —  that  is 
theft  after  all! 

Finally,  by  staying  safe,  you  just  don't  need  so  many 
precautionary  measures.  Practice  self  monitoring  over  the  files  you 
store  on  your  phone.  Take  adequate  precautionary  measures  while 
transferring  file  to  and  fro  your  computer.  A  simple  step  as  showing 
your  hidden  files  and  folders  would  tell  you  of  unseen  infections 
residing  on  your  memory.  You  can  then  delete  them  before  they 
create  havoc.  Ensure  you  transfer  files  with  known  and  trustworthy 
people  only.  This  way  you  can  at  least  be  sure  the  ones  you  are 
pairing  up  with  don't  have  unfriendly  motives. 
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